22 April 2014
Washington, DC—Recently, the Heartbleed bug has affected millions of servers around the world. NCARB is pleased to inform its customers that none of our systems have been impacted by this bug and your information remains safe on our servers. Our systems were protected due to several of the technology choices we made over the last few years as we’ve upgraded our services in My NCARB.
Heartbleed is a very serious issue because it allows an attacker to read the contents of memory on any publicly accessible server on the Internet. This means that a skilled hacker can retrieve your password, social security number, or any other piece of data that may be stored about you on any computer that is susceptible to this bug.
Many organization and service providers have sent out messages stating that they were impacted and that you should change your password. If you received such a notice then you should heed their advice, but beware of phishing attempts. Hackers are known to be an opportunistic, so be sure that it really is from the service provider. The safest method is to log in to your account via your browser’s address bar or via an official app rather than clicking a link in an e-mail.