Experts have discovered a major flaw in the security software used by many Web sites — including banks, e-mail and social media services — that may expose users’ names and passwords, the content of their communications, and their data, to anyone who knows how to exploit the weakness. The bug, which is referred to as “HEARTBLEED” in the media, affects software called OpenSSL, which operates on many servers on the Internet and is meant to keep data secure.
Hortica Insurance and Employee Benefits’ website was not affected by the Heartbleed/Open SSL security flaw. There is no immediate need to change your “Members Only” password.
Hortica does recommend that you change passwords on all websites that you have used that were affected. With an issue that affects virtually every site and service on the Internet, it’s fair to assume your passwords were potentially compromised. However, there is little point in rushing to do it before the sites have patched and updated, otherwise your new passwords will also be exposed to the same issue.
A partial list of larger websites and their status can be found here: http://www.cnet.com/news/which-sites-have-patched-the-heartbleed-bug/
Watch the news and contact the companies whose websites aren’t on the list and determine whether they weren’t affected or have patched the vulnerability.