Information for members Re: Heartbleed bug

After learning of the security vulnerability posed by the "Heartbleed" bug, the CMRTO wanted to address concerns identified in recent news stories. This bug is related very specifically to a product called OpenSSL which is used to secure website traffic and protect data in transmission.

We have reviewed our systems and none of the CMRTO websites or direct services use the OpenSSL product so we are not directly at risk. We can confirm that the safeguards we have in place are functioning as expected and planned.

However, we advise all members to change their passwords to the Online Member Service to prevent recycled passwords used with affected online services (non-CMRTO related) from compromising your CMRTO account.

Included is a link to a webpage which lists all of the known major websites and their status, as well as their recommendation on the subject of changing your password(s).


The CMRTO recommends practising safety over convenience and changing any passwords which have a possibility of exposure.

If you’d like more details or have questions, please contact our IT Administrator, Keith Bentley, at

Thank you,