Dear Member:
Re: Heartbleed Bug
After learning of the security vulnerability posed by the "Heartbleed" bug, the CMRTO wanted the address concerns identified in recent news stories. The bug is related very specifically to a product called OpenSSL which is used to secure website traffic and protect data in transmission.
We have reviewed our systems and none of the CMRTO websites or direct services use the OpenSSL product so we are not directly at risk. We can confirm that the safeguards we have in place are functioning as expected and planned.
However, we advise all members to change their passwords to the Online Member Service to prevent recycled passwords used with affected online services (non-CMRTO related) from compromising your AMRTO account.
Included is a link to a webpage which lists all of the known major websites and their status, as well as thier recommendation on the sublect of changing you password(s).
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
The CMRTO recommends practising safety over convenience and changing any passwords which have a possibility of exposure.
If you'd like more details or have questions, please contact our IT Administrator, Keith Bentley, at it@cmrto.org.
Thank you,
CMRTO
