Important Information Regarding the “Heartbleed” Security Vulnerability

Posted:

You may have heard of the “Heartbleed” bug that was identified earlier this week by security researchers. You can rest assured that Bank of Tennessee and our divisions Carter County Bank and Mountain Community Bank are not vulnerable to this bug.  You are safe to continue to use our online banking, mobile banking, and web sites without concerns related to this particular threat.

How We’ve Prepared

The Heartbleed bug allows attackers to gain access to usernames, passwords and other sensitive data from certain websites that use specific versions of “OpenSSL”, a widely-used security encryption layer.

Online Banking and Mobile Banking:  Our hosting environment utilizes network load balancers, which manage SSL encryption and decryption for data center customers. These load balancers do operate an implementation of OpenSSL; however, the version running is NOT vulnerable to this bug.

Public websites (bankoftennessee.com and cartercountybank.com): Our servers were scanned by our development partners and by our hosting facility as soon as we became aware of Heartbleed. Our servers were not found to be vulnerable; however we are updating our website security certificates as a precaution. The Carter County Bank website does not collect any secure information or passwords, but maintains an SSL security layer as an extra precaution.

Please know that Bank of Tennessee and our divisions Carter County Bank and Mountain Community Bank take these threats seriously.  Additional information can be found here regarding this vulnerability:

http://www.heartbleed.com/
https://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309

If you have any questions, please contact our Customer Care Center at 866.378.9500.