You may have heard in the news that many major Internet sites were affected by the Heartbleed Bug. We want to assure you, our users, that FutureAdvisor’s security and engineering team has been following developments since the vulnerability was first announced, and has taken the necessary steps to assess our systems and address any that were affected.
Our security assessment confirmed that FutureAdvisor systems storing customer information were not affected by the Heartbleed Bug. The systems that were affected have been patched and are no longer vulnerable.
The Heartbleed Bug is a vulnerability in certain versions of the OpenSSL software package that is used to secure web site connections. Our endpoint systems for these SSL connections were affected, but our security team has ensured that they are now patched and no longer vulnerable. As an extra precaution, we have also rotated all of our SSL certificates.
What Do You Need To Do?
We have verified that none of the affected systems stored customer information and have no reason to believe that any customer accounts have been compromised. However, if you are concerned, we recommend you change your FutureAdvisor password, especially if you’ve used the same password on other web sites that were also affected by the bug.
We take the security of our customer information very seriously. Please don’t hesitate to contact us at firstname.lastname@example.org if you have any other questions or concerns.