As you may have heard, Heartbleed is a serious defect in OpenSSL,
a core cryptographic library that is used to protect communications
on the Internet. This security flaw affected a large proportion of
Web servers on the Internet and was discovered on April 7th.
From our analysis, as well as the analysis of a third party network
security firm, Thinkwise Federal Credit
Union found one security certificate within our system that was
affected. As of April 8th, this certificate was patched with the
latest version of OpenSSL. It has been determined that all other
systems utilize a different SSL library and were not affected.
We have no evidence that our servers were compromised in any
way. However, due to the wide scope of this security flaw we
recommend changing your Home Banking password as a
precautionary measure. Please be alert to the possibility that
you may receive phishing emails with links that encourage you
to change your online passwords to compensate for the
vulnerability. Thinkwise will not send any e-mails with links to
change your password. With us, and with any site, you should
make changes to your passwords directly on the site itself and
not through any other methods.
Thinkwise takes protecting all of our members’ financial security and privacy
as a top priority. We are continuing to monitor this situation and will
provide updates when appropriate. If you have any questions or concerns,
please contact us and we will happy to assist you.