Landmark Bank’s website and Internet Banking are not now, and never have been affected by the Heartbleed vulnerability, but we thought you might like some tips in case you are concerned that other internet dealings might have left you exposed.
First, since the Landmark Bank site is unaffected by the vulnerability, there is no need for you to change your Internet Banking password at this time, although we recommend you change your password periodically as a normal security precaution.
The Heartbleed Bug is a vulnerability found in a piece of software called OpenSSL. This software is used to provide secure communication and privacy over the Internet for applications such as web, email and instant messaging. While the Landmark Bank website and Internet Banking use a different form of encryption, which has remained secure, many sites on the Internet use OpenSSL, including many social media sites.
If a nefarious individual exploits the OpenSSL vulnerability against a vulnerable service such as Facebook for example, they would be able to see what is normally protected by the SSL encryption used to provide secure communication across the Internet. The ability to eavesdrop on your communication would allow them to steal account information (usernames and passwords) along with other sensitive information.
How does this vulnerability affect you?
- You should be aware that your data (username and password, etc) could have been seen by a third party if you used a vulnerable service provider (facebook, pintrest, etc).
- Monitor any notices from the vendors or social media websites you use. Once a vulnerable vendor has communicated that you should change your password, do so.
- Avoid potential phishing emails from attackers asking you to update your password – to avoid going to an impersonated website, stick with the official website.
The website Mashable created a handy chart
that lists affected website and lets you know the following:
- What service or social media site is affected?
- Is there a patch? (the vendor MUST have patched the vulnerability before you change your
- Do you need to change your password?
- Did the vendor have anything to say about the vulnerability?
If you use the service LastPass for maintaining your online passwords, click on the Security Check in your vault and LastPass will alert you to your sites that are vulnerable as well as what action they recommend taking.