BreachExchange mailing list archives
fringe: Harmony Central Breach
From: security curmudgeon <jericho () attrition org>
Date: Fri, 11 Dec 2009 21:52:25 +0000 (UTC)
Courtesy of a DL reader: ---------- Forwarded message ---------- From: Harmony Central <HarmonyCentral () harmonycentral rsys1 com> Date: Fri, Dec 11, 2009 at 11:11 AM Subject: Harmony Central - Important Message to Our Users View web version. To ensure delivery, please add HarmonyCentral () email HarmonyCentral com to your address book. Harmony Central December 11, 2009 Dear Harmony Central member, Thank you for your participation in the Harmony Central community. We are writing to inform you of an incident that took place on Tuesday, December 8, 2009, and to suggest some steps you may consider in response. What Happened. Someone without authorization temporarily gained access to the Harmony Central site. That person or persons also gained access to our stored member information, which includes e-mail addresses. If you have provided us with other information, like your date of birth, we have also stored that information. Our stored information also includes member passwords, which are protected by multiple levels of encryption. Our Response. Our team stopped this intrusion. We are working hard to further improve the security of the Harmony Central site. We regret that this incident has caused the site to go offline temporarily. We also regret any concern that this incident may cause you. What You Can Do. As noted above, our stored passwords are protected by multiple levels of encryption. However, out of an abundance of caution, we recommend that you reset your password as soon as Harmony Central is available. Also, as always, please remain cautious when responding to e-mail communications. Please remember – no one from Harmony Central will ever ask you for your password or log-in information. No one from Harmony Central will ask you for a credit card number, or Social Security number, or anything of the sort. If you ever receive any message supposedly from Harmony Central asking for that or any personal information, note the sender, delete the email immediately, restart your computer, and alert us to the situation. Never click on any links or attachments contained in an email of this type. We appreciate your patience, and expect to have the site back up soon. Sincerely, Your Harmony Central Team
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- fringe: Harmony Central Breach security curmudgeon (Dec 11)