Heartbleed bug – what you need to know


heart bleed bug

The media has been reporting about a widespread website bug called “Heartbleed” which is a vulnerability in the security software used by millions of web sites.

We want you to know that Members 1st does not use OpenSSL 1.0.1 to 1.0.1f which means we are not affected by Heartbleed. We have taken extra steps to test our web applications and third party applications and either they are not susceptible or have controls in place to prevent any malicious activity. 

If you’re not familiar with this, OpenSSL is one form of an encryption library used in HTTPS communication – online stores and banking websites that give you that lock icon in your browser bar when you visit them. OpenSSL uses a “heartbeat” to echo back data which a hacker can use to trick the server to return anything from Usernames, account passwords to sensitive data.

Here’s what you need to keep in  mind:
While Members 1st is not affected by this, it is a good security practice to periodically change your passwords. If you use the same password for your financial institutions that you use for any of the following vulnerable sites , you should change your password immediately: Facebook, Instagram, Pinterest, Tumblr, Google, Yahoo, Gmail, Yahoo Mail, Amazon Web Services, GoDaddy, Intuit, USAA, Box, DropBox, Minecraft, OKCupid, SoundCloud, Wunderlist.

Rest assured, securing your personal and financial information is a top priority.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: