Bulgarian Bank Was Affected by HEARTBLEED Mind the horns!

The electronic banking server of First Investment Bank (FIB) has been affected by a security breach, known as Heartbleed, Bivol learned.

Bivol was the first Bulgarian media to alert about the risks of Heartbleed on its Facebook profile, in the morning on April 8, 24 hours before the news reached a wider audience. Our IT team immediately took steps to secure the site for anonymous submission of information – Balkanleaks.

The security breach in FIB’s server was closed after a customer of the bank and reader of Bivol alerted the IT department, which responded immediately. However, the Bank is yet to officially announce anything about it and has not informed its clients of potential risks.

Bivol inquired with the Bank’s Department of E-banking whether there has been any vulnerability and received the following reply:

“There was no danger because as soon as the problem arose, the appropriate action was undertaken.”

Heartbleed allows hackers to break the security protocol between the browser and the server and to steal encryption keys, passwords, and information about bank cards. Global giants like Facebook, Google, Yahoo and others have been affected and many of them advised their customers to change their passwords.

What is especially annoying is that the security breach existed for about two years and we don’t know whether it has been used by malicious groups to obtain sensitive information.

This means that the actions taken after the discovery the problem are not enough!

A complete inventory and regeneration of the keys of all servers using buggy versions of OpenSSL is a must, and all users need to change their passwords .