Heartbleed's Credit Union Impact: Threat of the Week
Early reports from credit unions regarding the Heartbleed data leak indicate they and their members are suffering few, if any, impacts. But investigations, in many cases, are in early stages.
The Heartbleed vulnerability, to recap, is a flaw in the popular OpenSSL tool that powers secure web sessions. Despite the SSL promise of heightened security, Heartbleed allowed hackers to get a clear, unencrypted view of data.
Reports from leading vendors so far are encouraging.
Menlo Park, Calif.-based Digital Insight, which provides online banking platforms to hundreds of credit unions, provided this statement: “After performing a thorough investigation, our research indicates that this vulnerability does not impact Digital Insight Online Banking websites because the encryption libraries used for Digital Insight Online Banking do not use the OpenSSL library that is the source of the vulnerability. However, we continue to investigate. We are working with third party vendors on assessment of any vulnerability in their services we provide to our financial institution customers.”