“Heartbleed – OpenSSL” SECURITY THREAT

April 9, 2014

On April 7, 2014, security researchers announced a recently-discovered vulnerability called Heart Bleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of the server and its users. A flaw was discovered in “OpenSSL” – a commonly used internet security technology. OpenSSL is used by many websites for encrypting personal data, communications and transactions. This security flaw was recently exploited by a software bug called “Heartbleed.” Experts believe that Heartbleed has the capability to acquire user ID’s, passwords and other personal information from websites using OpenSSL. It is not yet known who’s personal information may have been compromised or how much information was stolen.

Liberty Bank has never used OpenSSL technology on our website. Your personal information at Liberty Bank was not compromised by Heartbleed. We have also confirmed that each of our Internet service partners, which help provide Online Banking and Cash Management, also do not use OpenSSL technology.

If you are like many people who use the same User ID’s and/or Passwords to access multiple internet websites, this information may have been compromised on another site using OpenSSL technology. And if your information was stolen, it could potentially be used to access safe internet websites where the stolen information could provide correct authentication.

If you have used your Liberty Bank Password as a password for any other internet website, you should change your Liberty Bank password now. You can easily change your Liberty Bank password by going to our home page at libertybanknw.com. Simply log into Online Banking using your current password, click on”My Settings” and update your password. For Cash Management users, click on “Administration” and under “My Profile” you can update your password.

Surveys indicate that a staggering number of internet users, choose simple passwords like: “PASSWORD” or “12345.” Many others use easily discovered information, such as pet names, anniversary or birth dates. Experts recommend that secure passwords be a minimum of 8 characters long (some websites require even more), and that the strongest passwords use a complex combination of Letters, Numbers and Symbols.

If you have any questions, or need help changing your password, please call us at (360) 779-4567.