On April 8, 2014 it was announced that a critical vulnerability had been discovered on websites using OpenSSL software of certain versions. This vulnerability is being called the “Heartbleed Bug”.
What is OpenSSL?
Open Secure Sockets Layer (OpenSSL) is a technology component used by a large number of the Internet’s websites to secure the traffic, passwords and other sensitive information transmitted to and from users and visitors.
What is the risk associated with the Heartbleed Bug?
The vulnerability permits unauthorized access to server memory, which might include usernames and passwords, re-usable browser cookies, or even encryption keys used to secure the transmission of information.
Since the initial announcement, fixes have been released and many operating system vendors and independent software vendors have already adopted the fix and notified their users. Service providers and users have to install the fix as it becomes available for the operating systems, networked appliances and software they use.
How has Salisbury Bank been impacted by the Heartbleed Bug?
Salisbury Bank and Trust Company understands the severity of this vulnerability and has taken action to ensure that your personal information remains safe. We have completed an assessment of our critical systems and have determined there has been no impact to you, the customer. We continue to monitor our third-party vendors to ensure that they are aware of the vulnerability and are taking appropriate risk mitigation steps.
Is my account safe?
Yes, consumers are protected from any unauthorized transactions. If you detect unauthorized transactions on your account, contact the Customer Support Department immediately at 860.596.2444. You can reach us Monday through Friday, 9:00 a.m. to 5:00 p.m. or Saturday 9:00 a.m. to Noon, Eastern Time.
We strongly encourage you to become familiar with the Heartbleed Bug and determine if you may be impacted via other websites that you use (email accounts, social media, bill payment sites, etc.). You should consider the following precautions:
o Monitor your account(s) frequently,
o Change passwords every few months,
o Secure confidential information both physically and electronically,
o Use industry leading fraud security products on your online devices to detect any viruses,
o Avoid suspect websites, and
o Ignore/delete any emails from unknown entities.
Your eBanking account and related features are not vulnerable. It is safe to use your online banking and mobile app.
For more information please visit www.heartbleed.com.