On April 7, 2014, the National Cyber Awareness System announced a recently-discovered vulnerability within the widely used web encryption technology referred to as “OpenSSL.” USBA is aware of the Heart Bleed Virus and has taken steps to evaluate whether there is an impact. Our investigation concludes that this vulnerability does not impact our website because our encryption libraries do not use the OpenSSL library that is the source of the vulnerability. Furthermore, our servers do not use the ‘heartbeat’ extension.
We have worked with our critical business partners (hardware, software, security) to ensure that the necessary measures are in place to prevent any compromise to our systems. As part of our normal process, we will continue to monitor the situation in conjunction with the security community and our technology partners. Helping protect your personal and financial information is one of our top priorities.