Scam Alert: We have been alerted that someone may be spoofing our 1-800-531-2328 and 512-435-4545 numbers to tell members they have fraud on their debit card and attempt to gather personal information. Please remember to not provide any information to someone who calls you and requests personal information. If you're not comfortable with a call you receive claiming to be UHCU, hang up and call UHCU directly. 
Back to Articles

Security Warning: The Heartbleed Bug

An internet vulnerability affecting roughly two-thirds of all websites was recently discovered. Websites that use free, open source forms of encryption (OpenSSL) are at risk. UHCU’s website and Online Banking system are not directly impacted by this form of encryption vulnerability. However, you should still take measures to protect yourself and your personal information.

Vulnerable websites include those you frequent on a regular basis, such as your favorite social networks, online retailers and even those run by the government.  High-traffic sites like Yahoo were, and still may be, running outdated versions of the encryption system. These outdated encryption systems could mean your usernames, passwords or other sensitive information are no longer secure. The Heartbleed Bug, the name of this flaw in the OpenSSL encryption software, allows anyone on the internet to read the memory of the systems protected by this software – enabling attackers to eavesdrop on communications, steal data directly from users and impersonate users.  Because so many websites use this form of OpenSSL encryption, there is a high probability that your usernames, passwords or other sensitive information have been exposed.
 
To protect yourself, you should wait a few days for website owners to update their system encryption and then change all your passwords. If a website hasn’t been updated yet, any new password you enter could still be susceptible. You might be notified by website owners to change your password within the next couple days. If so, change your password at that time. It’s important that you do not change your password on a website that is still vulnerable. Please keep in mind that The Heartbleed Bug has put two-thirds of the web at risk. Even if you don’t believe the websites you visit were affected, it is a good idea to change your passwords just in case. Again, UHCU’s website and Online Banking system are not directly impacted by this form of encryption vulnerability.  

More Helpful Information about the Heartbleed Bug   

Giant Web Vulnerability Brings Indirect Risk to Digital Banking - American Banker
Heartbleed Bug: What You Need to Know - Bank Info Security
What You Need to Know about Heartbleed - ReadWrite                             
In an effort to prevent fraud and identity theft, United Heritage Credit Union seeks to inform its members of major security breaches that potentially compromise personal information. If you believe you are a victim of fraud or have questions regarding suspicious account activity, please contact United Heritage at 512.435.4545, 903.597.7484 or 800.531.2328.