Many of you may have heard on the news about an Internet bug known as Heartbleed which exposes a flaw in communication that is securely transmitted over the Internet. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. It appears this bug may have been around for a couple of years; however, researchers just published their findings this week.
Our online banking, mobile banking, merchant deposit, and business online banking systems are secure, and not impacted by the Heartbleed Bug. Due to the fact that these services were not impacted by a vulnerability, it is not necessary to change your user name or password; however, if you are concerned and would prefer to change either your user name or password, or both, please contact us and we may assist you in resetting your login information.
For more information on the safety and security of your accounts with us, please contact your local Bank, Insure, Invest or Tax Forward office.
You may also want to review this issue on a personal level. If you have secure sites you visit for any number of reasons (make online purchases, pay a credit card bill, check your investment balance, email, etc.) you will want to check those sites for vulnerability too. There is a website you can visit to see if a company is on the list and what action they have taken: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
A tool that can also be used at home to check if the website you use is exposed or safe: http://filippo.io/Heartbleed/. It should be noted that this site will NOT work with Internet Explorer 9 or earlier versions. If you want to error on the side of conservative and change your password to a site, make sure you do it only if the site is deemed fixed. If you change it before that, your new password will be compromised as well.