Josh Holst

Apr 17 2014

Heartbleed Bug Vulnerability


Heartbleed Bug Vulnerability

You may have heard recent news reports about the “Heartbleed” bug vulnerability which is a programming flaw in Open SSL encrypted websites used to secure private information online. This flaw potentially allows fraudsters to access usernames and passwords which may be contained in the memory of a device used to connect to the Internet. This flaw was limited to specific versions of SSL certificates.

What has Hills Bank done to protect my information from the “Heartbleed” bug vulnerability?

We take our customers’ security very seriously and have monitored the vulnerability closely. We’ve taken the necessary steps internally as well as with our vendors to ensure our encrypted websites are not vulnerable to the “Heartbleed” flaw.

Hills Bank works to maintain the highest level of security for our customers with rigorous security standards and fraud detection.

Is Hills Bank OnlineTM affected by the “Heartbleed” bug vulnerability?

No. Hills Bank Online (online banking), Hills Bank Online Investments Login (Trust and Wealth Management Login and the 401(k) Login), Hills Bank mobile banking, and HillsBank.com are not affected by “Heartbleed.”

What do I need to do to protect my information?

Vulnerabilities like “Heartbleed” are a reminder that it’s a good practice to change all your passwords regularly using a combination of letters, numbers, and characters.

Unfortunately, when vulnerabilities like this arise, it creates opportunities for fraud. Knowing people are concerned about “Heartbleed,” fraudsters may launch phishing scams disguised as legitimate claims to reset your passwords. Use appropriate caution if you receive an email from a company asking you to update your information instead of going to a website and manually changing your passwords.

Hills Bank would like to remind you that we will never ask for personal account information by email, text, or phone. Do not respond to unsolicited requests for personal and financial account information via email, text, or phone. If you receive a request for personal information which appears to be from Hills Bank, please contact Hills Bank at 1-800-445-5725(HILLSBK) or visit any Hills Bank location to verify the validity of the request. Also, it’s recommended that you never include confidential information in any unsecured email message.

If you have any questions about “Heartbleed”, please contact Hills Bank at 1-800-445-5725, email me at ITGuy@hillsbank.com, or leave a comment below, and I’ll be happy to respond.

Josh Holst

About Josh Holst

Josh Holst is Vice President of Information Systems at Hills Bank’s Operation Center in Hills, IA. He has been at Hills Bank since 2002 working with systems and network administration, with a focus on customer service, security, business continuity, compliance, and operations. Josh can be reached at ITguy@hillsbank.com.


This entry was posted in News and Events and tagged , , . Bookmark the permalink.