What is the Heartbleed Bug?
The Heartbleed Bug is a serious flaw in a specific version of OpenSSL. This software is commonly used on the Internet to provide encrypted web services, for example when you see https or a lock icon in your browser when visiting financial or other secure sites. The bug makes it possible for remote attackers to obtain information from vulnerable sites that is intended to be encrypted and confidential. Some examples of disclosure have included login passwords, answers to security questions, and private keys that could be used to decrypt information until the site’s certificates are reissued.
Is/was Pekin Insurance® vulnerable?
No. None of the external services hosted by Pekin Insurance, like MyPI or Pekin Partners, have been affected. Our services do not use the specific OpenSSL software that is vulnerable to the Heartbleed Bug.
What do I need to do? No action is required for users of Pekin Insurance web services. However, everyone is strongly encouraged to check public lists of prominent sites that may have been vulnerable in case of personal use. Users should change passwords for these sites, especially if the online application is accessed via a mobile device.