Valley First

Heartbleed Bug Not An Issue

Heartbleed bug does not affect Valley First’s banking platforms
April 10, 2014

Penticton, B.C.—Amidst concerns over the Heartbleed web security bug—a vulnerability in the popular OpenSSL cryptographic software library—Valley First has confirmed that its direct banking platforms are safe and secure. Valley First’s online channels do not use OpenSSL, the technology affected by Heartbleed.

Valley First’s direct online banking services are provided by Central 1, the primary liquidity manager, payments processor and trade association for most credit unions in B.C. and Ontario. Yesterday, Central 1 released the following statement regarding the Heartbleed bug:

On April 7, 2014, Central 1 became aware of the concerns with regard to an Internet software security flaw know as Heartbleed and immediately began an assessment to determine the impact, if any, to our services.

OpenSSL, the technology affected by Heartbleed, is not used by MemberDirect® Server Farm, so our system is not affected.

This means that the Heartbleed bug does not pose a threat to any of the direct banking platforms including MemberDirect Online Services, MemberDirect Integrated Services, MemberDirect Mobile Services (web and apps) MemberDirect Small Business and MemberDirect Business.

Central 1 has also confirmed that our CAFT application does not use the OpenSSL technology, and is therefore not vulnerable to this issue.

Central 1 maintains a variety of systems beyond MemberDirect and is systematically reviewing them based on order of criticality. Any vulnerable systems are being patched, with high priority, through our change management process. If material impacts are discovered, credit unions will be notified by our Computer Security Incident Response Team.

The Heartbleed bug takes advantage of a software defect that allows hackers to access web-encrypted sites and potentially access users’ personal information such as bank account numbers and passwords.

Users who want to take additional precautions to protect sensitive information may wish to change their passwords. However, they should not do this until they have confirmation that the site or application has been patched to address this issue.

More info on the Heartbleed bug is available here.

For more information on how Valley First protects its members’ and clients’ information, click here.

About Valley First

Valley First is a division of First West Credit Union, B.C.'s third-largest credit union, which has 39 branches and 28 insurance offices throughout the Lower Mainland, Fraser Valley, Kitimat and Okanagan, Similkameen and Thompson valleys. Led by Launi Skinner, First West has $7.7 billion in assets under administration, more than 177,000 members and close to 1,300 employees.

Have a question? We can provide you with the information you're looking for.


Use our contact form to send us a message—we'll be sure to reply to you with the details you're looking for shortly.

In Person

If you're more comfortable coming in to see us, we'd be happy to chat with you about the questions you have.

By Phone

If you’d like to call us, here is a complete list of our branch and insurance office numbers.



Social Feed

Visit us on Facebook or Twitter

Sign up for our e-Newsletter