Website Vulnerability Concerns
Wednesday, April 16, 2014
South Carolina Federal Credit Union does not run OpenSSL on any of the systems we host. Only systems that run OpenSSL re vulnerable to the “Heartbleed” bug. South Carolina Federal Credit Union has substantial security measures in place to protect against the loss, misuse, or alteration of information that is under our control. Your credit union also uses the latest firewall and encryption technologies to protect individual identifying information transmitted over the Internet. The multi-factor authentication in place for online banking users is specifically designed to prevent unauthorized access to your account information. We have also been assured by our service providers that neither online banking nor any of the associated tools use OpenSSL.
South Carolina Federal certainly understands member concerns about the security of online banking, and we encourage members to take precautions to keep their personal information secure.
Although no personal data is accessible directly through scfederal.org, we are evaluating additional options to address any apprehensions on this matter.
To check the rating for South Carolina Federal’s online banking on https://www.ssllabs.com/ssltest/index.html the correct domain name is scfederalonline.org. Once you enter credentials in the login box on scfederal.org, you connect to scfederalonline.org which operates in a highly secured environment and is not subject to the Heartbleed bug.
The screenshot below was taken today, and confirms that their rating for scfederalonline.org – our online banking site – is an A-.