This week, news has surfaced about a security-related software bug called Heartbleed that is affecting Internet websites. So far, Consumers Energy has not been affected by the bug.
While this security flaw has been present for a couple of years, it has only recently been discovered by security researchers.
About 66 percent of all Internet websites have this exposure. A fix for this flaw is available and news reports indicate that many companies are working quickly to resolve this issue for their websites.
Many websites we use for secure access, such as HTTPS in our Internet browser, banking sites and email may be vulnerable.
The flaw allows cyber attackers — with no access granted to the system they are attacking — to read information from the website they are targeting. They are looking for the IDs and passwords of users/clients who have recently used the site.
What does it mean to me?
Websites that you may utilize on a daily basis could have their usernames and passwords exposed. We recommend you keep a watchful eye on your user accounts and information for possible misuse. If you use a site with sensitive information, contact that business directly to inquire about this risk.
What is Consumers Energy doing?
- The Consumers Energy cyber security team evaluated our websites on Tuesday and the software bug Heartbleed has not been detected.
- We remain vigilant in protecting customer and company data privacy and encourage everyone to keep security in mind.
Residential customers who request new energy service from Consumers Energy or move within our service territory are required to provide identity validating information. This complies with the federal Fair and Accurate Credit Transactions Act of 2003 (FACTA) and helps strengthen the protections that Consumers Energy has in place to safeguard the information of its customers.
If you believe your personal information has been fraudulently used to open or conduct transactions within a Consumers Energy account, please call us at (800) 477-5050.