Friday, April 11, 2014

RCU Response to Heartbleed Bug

There has been a lot of news about the Heartbleed bug over the past week.  Here is what you need to know in a nutshell:
  1. The Heartbleed bug did not affect Rocky Credit Union’s online banking site.  Information was properly encrytped at all times on our online banking site.
  2. The Heartbleed bug is a bug that affects technology used to protect online accounts for email, instant messaging and e-commerce.
  3. The Heartbleed bug has been able to read “encrypted” internet links on many websites for just over 2 years.
  4. The type of encryption that the bug was able to crack is called OpenSSL which is used on about 17% of encrypted sites throughout the world, including Facebook, Pinterest, Gmail, and Twitter. 
  5. A new release for OpenSSl  has been released, but it is up to the encrypted sites to perform the update.  
  6. Because of the prevalence of the use of OpenSSL encryption on so many of the world’s most popular sites, we recommend that members change their passwords for all sites that require you to login and use a password.  If you do not, there is potential for someone to access your information, and possibly to even steal your identity.

This is a major event in the world of cybercrime.  Again, Rocky Credit Union’s online banking site was not affected by the Heartbleed bug, but if you use the same password on our online banking site as well as any others, for the safety of your information we recommend that you change them all.  Jerry