The Heartbleed security flaw had many large companies updating their servers last week. Now it’s time for customers to change their passwords.
San Antonio-based USAA released updated information Thursday warning clients about the security flaw.
The Heartbleed defect put millions of passwords, credit card numbers and other personal information at risk for theft.
USAA told clients it had taken precautions as it was notified of the software issue. The finance and security company did not receive an upgrade to its hosting website service until Wednesday.
“In light of this new information, and as a precaution, we recommend that USAA members change their passwords on usaa.com as soon as possible,” stated the USAA website.
With more than 10 million members with access to the USAA website, the risk was huge. USAA, however, stated there was no indication earlier security certificates were compromised.
“This issue is a significant event for all online consumers and has received widespread attention, causing concern,” said Nicole Alley, of USAA. “This is why we have communicated with our members about the steps USAA has taken to mitigate the risk from the bug. Communicating regularly with our members about cyber threats and how they can protect themselves is part of our ongoing commitment to helping our members stay secure.”
The Better Business Bureau released information warning consumers and business about Heartbleed earlier this month.
Businesses should immediately check to see if their websites use vulnerable software, according to the BBB. If vulnerability exists, businesses should work with their IT departments or computer professionals to install a more secure software for their website.
The Associated Press contributed to this report.