Earlier this week, a vulnerability was discovered that impacts the security of many websites on the Internet.  The security flaw is called Heartbleed, and found in websites that use OpenSSL, a specific type of website encryption that protects your passwords and sensitive information on those sites.  

  

PenFed systems do not utilize the technologies or configurations which would make them susceptible to the HeartBleed security flaw.  Additionally, PenFed routinely monitors its network and systems to protect against external threats, and there is no evidence that any of those systems have been impacted as a result of the Heartbleed vulnerability. 

  

If you have any additional questions about the Heartbleed SSL vulnerability, please contact Member Service.