The “Heartbleed Bug” (Open SSL vulnerability)
We are aware of the concerns surrounding the “Heartbleed Bug” (OpenSSL vulnerability). We have been in the process of assessing all PEFCU systems to determine if there are any known vulnerabilities, and will continue to review those until we are confident we have covered all areas of concern. If any vulnerabilities are identified, corrective action will be taken to mitigate the risk as soon as possible.
Additionally, we are contacting third party vendors with which we do business, and asking them to confirm that they are not using Open SSL, and if they are, what steps they have taken to mitigate any risks.
To date our Mobile Banking Provider has determined that our mobile banking service is not affected by this vulnerability.
Similarly, our Internet Banking provider has completed their assessment of any possible vulnerabilities within their products and services and have reported that they believe all their solutions to be unaffected and not vulnerable. As a precaution, they are doing a secondary review of their solutions.
We strongly advise all members to take precautions to protect themselves using the following tips:
· Frequent password changes
· Secure confidential information
· Use industry leading fraud security products on online devices to detect any viruses
· Avoid suspect websites
· Ignore/delete any emails from unknown entities
We will continue to post additional updates as it becomes available.