On April 7, 2014, security researchers announced a recently-discovered internet vulnerability called Heartbleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of the affected servers and their users. At this time, it is unknown whether the vulnerability has been exploited by malicious internet users.
SMCU is aware of the Heartbleed Bug and is taking steps to evaluate whether or not our online services are affected. At this time, we do not believe there is an impact to Online Banking. However, we are working with third party vendors on assessment of the services we provide to you.
Here’s why we believe Online Banking is safe to use:
- The encryption our Online Banking provider uses does not use the OpenSSL library that is the source of the vulnerability.
- Our Online Banking provider has never used this version of the OpenSSL library.
- We have validated that our Online Banking provider’s servers do not use the heartbeat extension.
We will keep you updated on this issue as we learn more.