Heartbleed Bug Info

Posted on Friday, April 11, 2014

On April 7, 2014, security researchers announced they had uncovered a bug or flaw in a key safety feature of the Internet—OpenSSL software, called the Heartbleed Bug.  IMPORTANTLY, we have no indication that Heartbleed Bug has been used against the Bippus State Bank website.


As you may know, OpenSSL software is one of the key technologies used to encrypt data transactions online. An indicator that a site is protected by OpenSSL is the signature padlock displayed in the browser. The Heartbleed Bug allows attackers to retrieve sensitive information such as usernames, passwords and credit card details from servers running the affected versions of the software.


You should know the encryption used by Bippus State Bank’s Internet Banking Vendor’s platform is not vulnerable to the Heartbleed Bug. Their Online Banking webservers do not use the version of the OpenSSL library that is vulnerable to this Bug.


Data security is of paramount importance to Bippus State Bank. We take our responsibility to process transactions safely, securely, and reliably very seriously. As part of that responsibility, we assure you that our internet banking vendor utilizes a regularly updated combination of vulnerability intelligence and industry leading technology to scan for vulnerabilities as well as detect and respond to potential threats to our collective security. They employ dedicated security and technology teams to oversee our systems on a 24/7 basis, enabling them to react immediately to potential vulnerabilities like the Heartbleed Bug or other threats.


However, as a matter of general security, Bippus State Bank always recommends that you change your passwords on a regular basis.
 

Posted in Alerts