Daily Dupaco

Online security threat dubbed "Heartbleed" has technology experts and consumers concerned

Turn to any news source, online or otherwise, and it won't be long until you see or hear a reference to Heartbleed, a newly discovered bug that has the capacity to intercept personal information captured on an estimated two-thirds of website servers.

It's second nature for us to look for the lock icon on a website that asks us for passwords or other personal information. One encryption technology used to provide this security—OpenSSL—is now known to have vulnerabilities that could put your personal information at risk, including passwords and financial information like credit card and account numbers.

Dupaco's website servers have been fully tested and it has been confirmed that our servers remain secure and are NOT vulnerable to the threat caused by the Heartbleed bug. Users of Dupaco's websites, like Shine Online Banking and www.dupaco.com, can continue to use these sites with confidence.

Although a change of password is not required for Dupaco members using Shine Online Banking, it has always been Dupaco's recommendation that internet users regularly change passwords on all password-protected websites to help safeguard their accounts. We also recommend careful and regular monitoring of online banking activity for transactions on your accounts that appear suspicious.

How can you tell if other, non-Dupaco websites are vulnerable?

"It's difficult for the general public to know whether a website that is dubbed "secure" is really secure or not," says Steve Ervolino, Dupaco's senior vice president of information services and technical support.

"As a safeguard, I'd advise changing your passwords now and again in a couple of weeks," said Ervolino.