A major vulnerability named The Heartbleed Bug was revealed earlier this week with serious implications for millions of web users. Heartbleed affects servers by exploiting a vulnerability in OpenSSL encrypted data. The vulnerability gives hackers access to a server’s memory, where sensitive data is stored. The bug is able to capture sensitive information from affected web servers, including username, password information, credit card data and more. An estimated 500,000 servers may be affected.
If you have a Payza account and have saved information such as your credit card number or bank account details, rest assured Payza’s servers have not been affected by Heartbleed. We have been testing our system since this news came out and Payza’s website is secure against this threat.
Payza is PCI Level 1 compliant and as such, there are steps that we must take to ensure that your information is protected. As per PCI guidelines, Payza scans our servers and networks regularly to look for new possible threats and we update our servers with patches for these vulnerabilities. Payza also goes through an intense Tier 3 internal and external network and application penetration tests to discover any system vulnerabilities before hackers can potentially exploit them.
Online security experts are advising internet users to keep a close eye on their financial statements to make sure no unauthorized transactions are being made. They are also telling people to change their password information for all their accounts as soon as they have been told that the sites have been patched and are once again secured.
This new threat is another reminder about why it is important to keep good password habits, like changing your password regularly and not using the same password for multiple accounts. This article from the Payza blog has more tips about how to keep your information secure online.
As with all security threats, Payza’s IT team will continue to monitor the situation and take appropriate action. We will continue to keep you informed as updates become available.