Update on Heartbleed Security Flaw

You may be aware of reports of a security issue that can affect some web sites, which is being referred to as the “Heartbleed” security flaw. We have been in contact with Fidelity and Jefferson National and can tell you that their customer sites and services do not rely on the versions of the SSL technologies associated with this security issue and both remain safe to use.

According to Fidelity, “our sites offer strong protection. We closely monitor our online environment and have multiple layers of security in place to protect our customer sites and services. We are aware of certain external analysis that purports to assess our site security related to SSL. It is inaccurate in its assessment. Our sites offer strong protection. For security reasons, many of our protections are purposely not visible or detectable externally.”

It is not a good practice to use the same password for multiple sites. Since some Internet sites are affected by this vulnerability, if you do use common passwords for multiple sites, please take the time to update and change your passwords appropriately, including changing the password you use to access Fidleity’s and Jefferson National’s (if applicable) sites and services.