Heartbleed Security Flaw

April 10, 2014 

National Penn is aware of the extensively publicized report regarding a new security flaw dubbed “Heartbleed”. This vulnerability exists in embedded software used to encrypt communications across a wide array of computer systems. National Penn has conducted an internal review of systems that use the Open SSL technology and is confident that online banking and mobile banking are safe and secure and are not vulnerable to this security flaw.

We understand that National Penn customers may have a concern regarding this flaw and provide the following information.

What is the Heartbleed security flaw?
Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and emails. The Heartbleed Bug is a defect in encryption technology – called Open SSL – used by most Web servers to secure users’ personal or financial information.

Is my bank account safe?
Consumers accounts are protected from unauthorized transactions. National Penn works diligently to ensure a safe and secure banking experience and protect customers’ information including rigorous security standards, encryption, and fraud detection software. Please contact National Penn immediately if you suspect any unusual activity

Am I affected?
Most active users of the Internet have likely been exposed, since a majority of Web sites – including Facebook, retail and even government sites – use the Open SSL software. But it is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches.

What can I do to avoid exposure?

As a standard practice, it is a good idea to:

  • update your bank password every few months.
  • monitor your account regularly and report suspicious transactions to National Penn immediately.
  • beware of phishing scams – that will attempt to get additional sensitive information from you.
  • be cautious in responding to e-mails or clicking on malicious links.

If you have a specific concern regarding your account, please contact National Penn at 1.800.822.3321.

Back to Top