The Heartbleed Bug: What You Need to Know | Moneta

Blog

Over the past few weeks the news has been buzzing about something called “The Heartbleed Bug.”This bug is a vulnerability in popular Open SSL software and allows protected information to become compromised. Heartbleed has affected many large networks and websites and should be taken seriously, which is why we wanted to send you an update on how Moneta and Moneta’s constituents responded.

In an effort to keep you fully informed, we wanted you to know that not only are we aware of the issue, but also secure. Here is a breakdown of what we currentlyknow.
  • Moneta Group – After testing all of our internally and externally facing systems, we have not found any of them to have been affected by the Heartbleed bug. We will continue to keep a close watch on our sites.
  • Schwab & Fidelity – Our two main custodians have not detected Heartbleed on any of their online channels at the time of this posting.
  • ByAllAccounts – We have a small number of accounts that use a data aggregation service called ByAllAccounts (BAA).  BAA has communicated that although they have found no indication of a data compromise, as an extra safety precaution they are recommending that users consider changing their passwords. Our teams are reaching out to each client that uses this service to discuss the issue and offer help with any changes, if needed.
  • Other Partners – The remainder of Moneta Group’s partners have confirmed that either they do not use any of the affected versions of OpenSSL or have tested their systems and are not showing any exposure. All will continue to monitor the situation closely.

Although most of Moneta’s affiliates are unaffected, there may be personal websites that you use that could have been breached. The online news source, Mashable, is keeping an up-to-date list of sites affected by Heartbleed. This list includes social media networks, email sources, commerce companies, banks, and more. Visit mashable.com and read “The Heartbleed Hit List” to see the comprehensive list. If you have accounts with any of the sites listed there, we highly recommend changing your passwords on a regular basis and not using the same password across multiple sites.

If you have any questions or concerns, please feel free to reach out to your financial advisor for advice.