The Heartbleed Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on March 14, 2012. OpenSSL 1.0.1g released on the April 7, 2014 fixes the bug. This means that this exposure has been out there for more than two years.
Are my HUECU accounts safe?
The short answer is yes, your accounts are safe. However, if the user name/password you use for online and mobile banking is the same combo you use on other secure websites, it would be wise to change your password on any of those sites including your online banking with HUECU.
What else should I be doing?
First of all, don't panic. While this is a serious bug for which a fix is now available, the reality is that this vulnerability has been around for more than two years. If someone were going to steal your information and use it, they would have likely done so already . Still as a matter of best practice and your own peace of mind, you may want to change your password for the reasons noted above.
For more information on the Heartbleed vulnerability, please visit heartbleed.com and us-cert.gov.
