Security Alert - April 9, 2014


A major online security vulnerability dubbed "Heartbleed" could put your personal information at risk, including passwords, credit card information and e-mails.  Heartbleed is a flaw in an encryption technology that is used by an estimated two-thirds of web servers. It is behind many HTTPS sites that collect personal or financial information. These sites are typically indicated by a lock icon in the browser to let site visitors know the information they are sending online is hidden from prying eyes.

We have audited our systems to address this issue on servers that were susceptible - this issue did not affect myACU or single sign-on.  We will direclty contact users of the affected systems. We encourage you to update your passwords across the various web pages you use, but only once you have confirmed a site has already taken the proper measures to address Heartbleed. Many sites will also likely send e-mails instructing customers to update passwords if necessary.


On the Hill