Recently a security flaw was identified in OpenSSL software that affects the security on many servers. This flaw, known as the Heartbleed bug, has the potential to make online banking login credentials vulnerable. There is no evidence that any member’s information was compromised, however, because of the nature of the Heartbleed bug we strongly recommend that you take the time to change your login information for MCU@Home. This information would include changing your security key, your security questions and personal identification number (PIN). Log on to MCU@Home, and click on the “Security” tab to make these changes. We also recommend that you delete your web browser’s cache, cookies and history.
Members CU’s online banking vendor has already taken every precaution to ensure that the OpenSSL is no longer a potential vulnerability for our members using MCU@Home. The fixed OpenSSL has already been adopted on MCU@Home and a new security certificate was generated. The next layer of precaution is for you to change your login information and delete your Internet cookies. Remember to use a random password, change your password on a regular basis and never share your password with someone else. Here are instructions about how to clear your cache and cookies for Chrome, Internet Explorer, Firefox, Safari, and Opera. To learn more about the Heartbleed bug visit heartbleed.com.
Additional Information Added 4/17: Now that the word is out about the Heartbleed bug beware of phishers and other scam artists who will try to take advantage of the situation. Don't respond to emails with your password or click on any links from emails that prompt you to change your credentials. Instead, visit the website manually with the use of trusted bookmarks, search engine or typing the web address in the URL bar.