Heartbleed Security Statement
You may have heard about the "Heartbleed" security vulnerability that has exposed some websites to attackers. It is a priority for Capital BlueCross to safeguard the personal health information of our customers. Capital BlueCross has conducted testing on our systems and verified that our customers’ information is secure. Additionally, we have reached out to our business partners to confirm the security status of their systems. We will continue to conduct testing to ensure we are securing information and minimizing the future risk of a successful attack of any type on our systems.
What is Heartbleed?
Heartbleed was discovered in OpenSSL, the data encryption standard used by a majority of websites to transmit information securely. It lets attackers steal confidential data without being noticed, including passwords, bank account information, stored files, and Social Security numbers. Since the bug was discovered, many websites have taken steps to address the flaw. Capital BlueCross has not detected any issues with this bug.
What Should You Do?
While Capital BlueCross is not affected by this particular bug, the most important thing you can do to protect yourself from future risks online is to have strong passwords for all the websites you use. Also, If you use the same password for your Member account that you use for any of the following vulnerable sites , you should change your password immediately: Facebook, Instagram, Pinterest, Tumblr, Google, Yahoo, Gmail, Yahoo Mail, Amazon Web Services, GoDaddy, Intuit, USAA, Box, DropBox, Minecraft, OKCupid, SoundCloud, Wunderlist.