The Heartbleed Bug is a programming flaw in the encryption of websites that use OpenSSL, a software that protects website communication on the Internet.
OpenSSL is behind many “https” sites that collect personal or financial information. Most sites with an address beginning with “https” are vulnerable to the bug until the website operator patches the site against the bug and site users change their passwords.
American Federal does not use OpenSSL. We are not susceptible to the bug. We do not store customer information on our website. Our online banking systems and internal servers are protected.
Transactions against consumer checking and savings accounts are protected from unauthorized activity and will have no liability if unauthorized transactions debit their accounts. Nevertheless, you should always monitor your accounts regularly for suspicious activity. If you detect any suspicious transactions, contact your local American Federal Banker.
How to Protect Yourself
Now is a good time to change passwords on sites that have not been affected or updated to patch their servers against the Heartbleed Bug. (You can check here. You will need a website’s URL or IP address.) If a site has been affected, however, you will want to wait until it addresses this vulnerability before changing that login.
Even if you don’t believe you were affected, it is possible that sites you regularly use, like Yahoo and Facebook, might have been.
Create Strong Passwords
A strong password has a minimum of eight characters that includes uppercase and lowercase letters, numbers and symbols and does not contain all or part of the user’s account name or number.
Never create the same password or user ID at different websites and use different passwords on multiple accounts.
Additionally, remember these important password tips:
- Create a password that is different from your previous five passwords
- Don’t use simple or obvious passwords, including personal information like a social security number, date of birth or address
- Change your passwords regularly, every 60 to 90 days
- Use a site’s multi-factor authentication when it is available
Safeguard Your Information
- Secure your computer and encrypt your personal data. Lock your computer and mobile devices. Be certain your computer and mobile devices have the proper security controls, including strong passwords, up-to-date anti-virus and anti-spyware software, current malware protection, the latest patches for Internet browsers and a firewall.
- Ensure your personal information is properly encrypted while in transit and while in storage on your computer.