BreachExchange mailing list archives
TR: [funsec] Attackers Snatch Member Data from 92 NonprofitOrganizations
From: "HINDERER Vincent" <vhinderer () lexsi com>
Date: Tue, 13 Nov 2007 18:52:54 +0100
-----Message d'origine----- De : funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] De la part de Paul Ferguson Envoyé : mardi 13 novembre 2007 01:55 À : funsec () linuxbox org Objet : [funsec] Attackers Snatch Member Data from 92 NonprofitOrganizations -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via eWeek. [snip] Attackers have stolen passwords and accounts from 92 nonprofits by infiltrating systems at Convio, the leading online marketing company for nonprofits. Affected nonprofit organizations include the American Museum of Natural History, Working Assets, CARE and Free Press. According to a letter sent by Convio to one of the affected organizations, the e-mail addresses and member passwords were downloaded without authorization from 92 GetActive clients between Oct. 23 and Nov. 1. GetActive is an application that Convio acquired with the nonprofit eCRM software company, also named GetActive, in February. The attacker or attackers had prepared to steal the same information from another 62 GetActive clients, but the attempt was foiled when Convio discovered the breach late in the day on Nov. 1. [snip] More: http://www.eweek.com/article2/0,1759,2215792,00.asp - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHOPXsq1pz9mNUZTMRAgJMAKC/6IZze14UT8Bjq5QoT8e2A7z2fACgjB8R wKrSAKJ0Fx9n5sy/vT/TkBM= =ZS5z -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- TR: [funsec] Attackers Snatch Member Data from 92 NonprofitOrganizations HINDERER Vincent (Nov 13)