OpenSSL Heartbleed Bug
April 15th, 2014
Dear Valued Customer,
As you likely have heard, a new internet bug was discovered this week, called the Heartbleed bug. The Heartbleed bug allows an attacker to randomly pull data from a web server's working memory if that web server is using an older version of the OpenSSL protocol for encrypting data. Some experts estimate 66% of the public sites on the web use OpenSSL to encrypt data and are vulnerable to this bug.
At Bay Cities Bank, we are aware of the Heartbleed bug and have taken swift action to protect the bank and your confidential information we hold. We have identified any possible threats and have patched any systems that were using the compromised code.
Specific to Internet Banking, this system does not use the OpenSSL protocol and was never vulnerable.
We understand how concerning this Heartbleed bug is to you. You can have confidence in Bay Cities Bank that your private information will stay just that, private.
Windows XP Sunset
February 4, 2014
Dear Valued Customer,
The New Year brings with it the opportunity for new beginnings. Along with it come new challenges as well. 2014 will be no different. One item that looms large is Information Security and how to protect your systems from attack. This is why I am writing to you today. In light of the recent information breach at Target, Neiman Marcus and others, it is important that you actively protect your systems from attack.
April 8, 2014 is a critical date for anyone using Microsoft Windows XP. This is the last day of support for this product. What does this mean to you? Well, here are a few items to consider.
• After April 8, 2014: There will be no new security updates, non-security hotfixes, free or paid assisted
support options or online technical content updates.
• Security & Compliance Risks: Unsupported and unpatched environments are vulnerable to security risks.1
• Lack of Independent Software Vendor & Hardware Manufacturers support.1
• Technical assistance for Windows XP will no longer be available: This includes automatic updates that
help protect your PC.
• Your computer will become more vulnerable to security risks and viruses.2
• This will effectively make Windows XP non-compliant with HIPAA, HITECH, and GLBA after Microsoft
Should you continue to operate your computer system using unsupported hardware or software, either by the manufacturer or the service provider, this may result in an officially recognized control failure, and significantly limit your ability to protect yourself from liability.
If you have not already done so, please begin preparation to remove any Microsoft Windows XP installations, especially those you might be using to conduct Internet Banking.