The OpenSSL Heartbleed Bug

posted 4/10/2014 in General

Lincoln Savings Bank is aware of the “Heartbleed” Internet bug affecting many websites. It is getting a lot of attention because it affects the protocols at the heart of Internet Security.  It’s important to note that the Heartbleed bug only affects certain versions of OpenSSL, so only those sites running the affected version of OpenSSL are impacted.

The security of our customer’s personal and financial information is of highest priority always.  We are actively working with all critical technology partners to ensure that our systems are secure and no systems are at risk.  Our two most used online systems, www.mylsb.com and Online Banking DO NOT run the version of OpenSSL that was vulnerable.

While there’s no indication our online systems have been affected, it’s always a good practice to change your password regularly and use a unique password for each secure site you visit.  PLEASE be on the lookout for any phishing emails that may try to exploit this situation to gain your personal information.  If you receive an email that looks like it’s coming from LSB telling you to click a link to reset your password because it was compromised due to the “Heartbleed” virus, DO NOT click the link.  LSB will not send you an email with a link to change your password.  If you wish to change your online banking password, login to online banking from mylsb.com, and click Security under the Preferences section.

There have been reports about a number of popular websites that were vulnerable to the OpenSSL/Heartbleed bug.  Click here for an article on Mashable.com with details about which passwords should be changed.

We value your business and are committed to ensuring the security of your personal and financial information.  We are continuously improving our security and systems to ensure we have adequate measures in place to prevent cybercrime.

Lincoln Savings Bank, Member FDIC

Blog and News