POPA Federal Credit Union has assessed and found all member web-facing systems unaffected by the “Heartbleed Bug”. Please feel confident that POPA Federal Credit Union has and will continue to take the required steps to address current and future security issues. We will, continue to monitor all systems and keep members informed as necessary.
What is “Heartbleed Bug”?
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users. This is all accomplished without leaving a trace on the server.
What can I do to protect myself?
It is recommended that members regularly change all internet accessible passwords (Online banking systems, e-mail accounts, online shopping accounts, etc.) and use a unique password for each system. POPA Federal Credit Union recommends that members contact manufacturers of all internet connected devices about any possible Heartbleed Bug vulnerabilities.
Is my mobile device secure?
Apple computer announce that all their devices and applications have not been affected by the Heartbleed Bug, except for the Blackberry Messenger for IOS application. Google Android and Windows devices have been found secure except for Google Android versions 4.1.0 and 4.1.1. We recommend that members contact their mobile device provider or cellular carrier for more information about any Heartbleed bug vulnerabilities.
What is not affected?
Web, email and mobile-app communications that were never meant to be secure. Windows PCs, Macs, most Linux desktop and laptop machines. iOS (Apple) devices and most Android devices.
Questions?
Please call us at (562) 229-9181 and one of our Member Service Representatives will be happy to assist you.