Home > News Center > Notices to Members

Notices to Members

2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998 | 1997 | 1996

Subscribe to our feed Follow NFA_News on Twitter
Email This to a Friend
Notice I-14-10

April 11, 2014

Information Regarding the "Heartbleed" Security Issue

Recent news reports have raised serious concerns about an Internet security vulnerability that is now being commonly called "Heartbleed." Safeguarding Member data is a top priority at NFA, so we continuously monitor our systems to ensure effective security. NFA has examined its systems and has determined that the NFA website, including the ORS and EasyFile systems, is not vulnerable to the Heartbleed security flaw.

Heartbleed affects OpenSSL—a cryptographic protocol used to encrypt private Internet traffic. If left unpatched, this vulnerability could be exploited to reveal potentially sensitive data over the internet that should otherwise be encrypted. NFA's web servers do not use the version of SSL that was vulnerable to Heartbleed. Consequently, we currently see no need to reset passwords or update certificates at this time.

NFA will continue to work both internally and with its IT vendors to identify any potential areas of susceptibility. As details on the depth and extent of this vulnerability continue to be revealed, NFA will notify its Members if NFA discovers that any Member data may have been compromised or if Members need to take any further action.

NFA is the premier independent provider of efficient and innovative regulatory programs that safeguard the integrity of the derivatives markets.
Site Index | Contact NFA | News Center | FAQs | Career Opportunities | Industry Links | Home
© National Futures Association All Rights Reserved. | Disclaimer and Privacy Policy