Privacy Security

Heartbleed FAQ

Was State Farm® Impacted by Heartbleed?

We are aware of the Heartbleed bug, and at this time have no reason to believe our customers' data has been exposed in any way.

How do you Know State Farm was not Impacted by Heartbleed?

A combination of cyber-security detective technologies and cyber-intelligence resources has shown no indication that State Farm customer information has been compromised as a result of this issue.

What Steps Does State Farm Take to Detect/Prevent These Types of Situations?

State Farm believes in keeping customer data secure. We continually invest in new technologies to ensure the utmost security for our systems and customer information.

In situations like Heartbleed, State Farm follows best practices and responds as quickly as possible.

For Heartbleed, State Farm immediately worked to patch any systems that would have been vulnerable to the Heartbleed issue, and working with industry experts and cyber-security professionals, re-issued any related security certificates (SSL certificates) on the affected systems.

Did State Farm Re-issue the SSL Certificates for Their Websites?

Yes. State Farm immediately worked to patch any systems vulnerable to the Heartbleed issue, and working with industry experts and cyber-security professionals, re-issued any related security certificates (SSL certificates) on the affected systems.

What Should I do Now?

We are asking all customers who use our online resources to change their password the next time they login to our system.

We agree with cyber security experts who recommend customers regularly change their passwords and use strong passwords to protect their information.