Security

Security lock on a keyboard

Fraud Alerts

Heartbleed Vulnerability

April 15, 2014

SAC Federal Credit Union has conducted reviews of our systems, including conversations with key third-party vendors, and verified that our systems and our members’ data are not at risk.

What is Heartbleed?

Heartbleed is a vulnerability of certain versions of OpenSSL, a security standard encrypting communications between users and servers provided by a variety of online services. According to McAfee, “The mistake makes it viable for hackers to extract data from massive databases containing user names, passwords and other sensitive information.”

Is my information at SAC FCU vulnerable?

No, your information at SAC FCU is safe and secure. SAC FCU and its website were not affected, including SAC FCU’s online banking, the SAC Mobile Access iPhone and Android app, web-based mobile banking, and text banking.

What should I do?

This is a great time to review your online security. SAC FCU advises not to use passwords on more than one site – if you are using the same password on multiple sites, follow these steps:

  1. Use a site checker like McAfee’s to see if the sites you use are open to vulnerability from Heartbleed. If the site is still vulnerable, wait until the site is updated and no longer vulnerable to change your password.
  2. If the site isn’t vulnerable, create a strong password for each site. This guide from Mozilla.org has great advice on how to create a strong password, including steps for customizing a password for different sites that’s still easy for you to remember. Even if you don’t use the same password on multiple sites, it’s still a good practice to change passwords periodically.

An online test site I used says SAC FCU might be vulnerable to Heartbleed. Is it?

No. While a portion of SAC FCU’s online domains use OpenSSL, the versions used were not affected by Heartbleed. We have taken steps to ensure our systems and data are secure, and are continuing to take steps to limit the risks associated with Heartbleed.

What if my information was vulnerable through another site?

If you do find yourself a victim of identity theft, whether through the Heartbleed vulnerability or another attack, don’t despair. Start with our blog post “The road to recovery: What to do when your identity is stolen” and download our Essential ID Theft Checklist to get back on track.

SCAM ALERT

October 10, 2013

Safeguard yourself from fraudulent activity, especially text messages that are from an unknown source. SAC Federal Credit Union does not use text messages to handle security questions regarding your account. If you receive a text message and are unsure of its validity, call or visit any SAC Federal Credit Union branch and speak to a representative.

Be aware of phishing scams advising you to check your credit score due to a security concern. If you have received an email or had a pop-up message while browsing advising you to do this, be aware that this is a scam.  These messages did not originate from SAC Federal Credit Union. It appears to be a phishing scam that is attempting to gain access to your personal data. DO NOT open, click on any links or respond to these requests. If it is an email, delete it from your computer. If it is a pop-up window, you should run an anti-virus/anti-malware scan on your computer immediately.

Protect Your MasterCard Debit Card

A national retailer recently experienced a security breach of their credit card data. Protect your card in the future by enrolling in the free MasterCard Secure Code program. This program adds a personal password to your debit card so only you can use the card for online purchases. It’s easy and safe.


Identity Theft Identity Theft

Laptop Phishing

ATM ATM Safety