"Heartbleed" - Internet Vulnerability
On April 7th, a serious vulnerability, dubbed "Heartbleed", was uncovered and publicly disclosed by security researchers. This vulnerability exists in certain versions of OpenSSL, a widely-used cryptographic library that enables SSL (Secure Sockets Layer) and TLS (Transport Security Layer) encryption.
The vulnerability relies on a bug in the implementation of OpenSSL's "heartbeat" feature, hence the "Heartbleed" name. When exploited, this vulnerability enables an attacker to trick a system into revealing chunks of data residing in its memory. This attack can lead to a server leaking private SSL keys, usernames/passwords and other sensitive data. Many well-known sites have been reported as vulnerable to attack.
Community Bank's website environment utilizes network load balancers, which manage SSL encryption and decryption. These load balancers do operate an implementation of OpenSSL; however, the version running is NOT vulnerable to this bug.
Additional information can be found here regarding this vulnerability: