What is the Heartbleed bug?
The Heartbleed bug is a flaw to encryption software that protects some websites and could expose personal information, such as user names and passcodes.
Is M&T’s website vulnerable to the Heartbleed bug?
We have not experienced any issues related to the Heartbleed bug. Please be assured that M&T Web Banking® and M&T Mobile Banking services do not use the encryption software that is vulnerable to the Heartbleed bug.
What should you do?
Although our website is not directly vulnerable to the Heartbleed bug, it is a good idea to use a unique user name and passcodes on our services, and change your passcodes regularly. Having user names and passcodes that are used only at M&T Bank and conducting periodic passcode changes are components of an overall approach to protecting personal information. Please review guidelines on how you can protect your information. We also offer services, such as alerts, that will help you monitor transactions on your accounts through text, email or notifications through our mobile app.
What we are doing to protect your information?
Information security is extremely important to M&T Bank. We work diligently to maintain high-levels of security and use sophisticated technologies to protect customer accounts and information. We are committed to safeguarding your accounts and information and are vigilantly monitoring this situation.
At M&T Bank, we are committed to helping you protect your personal and financial information - whether you're banking online, by phone or at one of our branches. We want to help you protect your personal information and financial assets by providing the following information and tips.
Report Fraud Immediately
If you believe you have been a victim of fraud related to your M&T accounts, notify us immediately at 1-800-724-2440, so that we can take action to help you. If you think you may have been a victim of identity theft, please visit our Identity Theft page for more information.
- Unless you initiated the contact, M&T Bank will NOT request your personal information (e.g., account number, Social Security number or mother's maiden name) through email, U.S. mail or by phone
- Never give out personal information in response to an unsolicited call or email
Federal Trade Commission (FTC)
The Identity Theft Resource Center
The U.S. Department of Justice