First the NSA, then Target and now Heartbleed....What's next?
As you have most likely heard, the security community was made aware of the "HeartBleed" vulnerability in OpenSSL on the evening of April 7th. We would like to remind our members that the security of your personal information is a top priority and we make business decisions based on that promise. When news of this security issue was announced, Gallup FCU immediately began researching our threat status and determined that our website, online and mobile banking sites were not put at risk by the use of compromised OpenSSL versions. During our conversion last November, all members were required to set-up new passwords and new multi-factor authentication therefore, no member account information was or could have been compromised by this vulnerability.
We have also contacted all of our partner e-networks (i.e. bill pay, CO-OP Shared branching, Fiserv debit card processor) asking for status updates. They have confirmed that they were either not reliant on OpenSSL for security, or that they were not using compromised versions of OpenSSL.
As always, we will continue to place member security at the highest priority level. While none of our networks were put at risk due to this vulnerability, it should still be taken very serious by our members.
If you have any questions at all, please reach out to us:
"Like" the GFCU on Facebook to stay in the know: https://www.facebook.com/#!/Gallupfcu