Just a few days into the New Year, security researchers released reports on two major flaws that exploit vulnerabilities in central processing units, or CPUs. CPUs run everything from computers to phones to flat screen TVs, so the risk is significant – and widespread. These two security vulnerabilities are known as Meltdown and Spectre.
Although there have been no known attacks from Meltdown and Spectre, these vulnerabilities could allow cybercriminals to read the memory of a vulnerable system, which could potentially include passwords or other sensitive data stored on the CPU. So, we're closely monitoring them and doing our part to protect our members' personal information.
Rest assured that BECU is taking the appropriate steps to address this potential risk.
As part of our standard vulnerability management program, BECU aggressively monitors for potential vulnerabilities and prioritizes mitigation to ensure critical systems are safe. BECU has reviewed all systems within our environment to identify suspect versions, and will apply vendor patches as necessary to complete our due diligence.
What you can do?
Software and hardware manufacturers will release fixes and patches for Meltdown and Spectre, along with other vulnerabilities. We recommend installing these updates as soon as they're available. Turning on automatic updates will help protect your software and devices.
We will continue to monitor for additional fixes and attack scenarios, and will update this post if we have more information to share. If you have questions, please contact a BECU representative at 800.223.2328.