On April 7, 2014, security researchers announced a recently-discovered vulnerability called “Heartbleed”. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of the server and its users. This includes websites, mobile, and email. It is affecting about 66% of all internet servers.

What you need to know:

  • TotalBank has verified that our systems are secured.
  • TotalBank does not use the openSSL type of security layers.
  • The security vulnerability is a global problem that has been in place for two years and has affected many popular websites and services.
  • Heartbleed only affects servers, not consumer PCs.
  • Organizations nationwide are actively installing patches to fix this vulnerability. You should change your passwords once these patches are in place. Although changing your password regularly is always good practice, if a site or service hasn't yet patched the problem, your information will still be vulnerable.
  • If you reused the same password on multiple sites and one of those sites was vulnerable, you'll need to change the password everywhere. It's not advisable to use the same password across multiple sites.
  • Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you'll need to go in and change your passwords for these sites as soon as possible. This is not a guarantee that your information wasn’t already compromised, however, there’s also no indication that hackers knew about the exploit before last week. The companies that are advising customers to change their passwords are doing so as a precautionary measure.
  • Although TotalBank’s accounts are not affected, you should monitor your accounts for suspicious activity from other systems.
  • TotalBank’s security team continues to monitor the situation and is dedicated to keeping our customer information safe & secure. To learn more about best practices to protect yourself online, we encourage you to visit our Security page for more information.
  • MASHABLE, CNET and several other news outlets have more information on the “Heartbleed” bug and what you can do to protect yourself. We encourage you to check with the sites and services you use for information on how the “Heartbleed” bug may have affected them and the actions you should take.