Army & Air Force Exchange Service customers and vendors have expressed concern about security of their information in light of reports about the Heartbleed security flaw.
The Exchange’s online shopping site, shopmyexchange.com, and business partner site, partners.aafes.com, have not been compromised by the Heartbleed security flaw, a vulnerability found in servers that allows hackers to see and collect traffic passing between a server and a web browser once a secure connection is established.
“Because of proactive updates and monitoring, all our systems have been protected,” said Philip Stevens, Exchange executive vice president and chief information officer. “The Exchange is continually updating its systems to protect against security flaws such as Heartbleed, and protecting military shoppers’ personal information remains a priority.”
If Exchange shoppers are concerned about the safety of their data on other web sites, they can protect themselves from the security flaw by changing online passwords for personal banking, shopping, email and social networks. Shoppers are also advised to closely monitor credit cards and bank statements for unknown or fraudulent transactions.