funsec mailing list archives
Attackers Snatch Member Data from 92 Nonprofit Organizations
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Tue, 13 Nov 2007 00:55:10 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via eWeek. [snip] Attackers have stolen passwords and accounts from 92 nonprofits by infiltrating systems at Convio, the leading online marketing company for nonprofits. Affected nonprofit organizations include the American Museum of Natural History, Working Assets, CARE and Free Press. According to a letter sent by Convio to one of the affected organizations, the e-mail addresses and member passwords were downloaded without authorization from 92 GetActive clients between Oct. 23 and Nov. 1. GetActive is an application that Convio acquired with the nonprofit eCRM software company, also named GetActive, in February. The attacker or attackers had prepared to steal the same information from another 62 GetActive clients, but the attempt was foiled when Convio discovered the breach late in the day on Nov. 1. [snip] More: http://www.eweek.com/article2/0,1759,2215792,00.asp - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHOPXsq1pz9mNUZTMRAgJMAKC/6IZze14UT8Bjq5QoT8e2A7z2fACgjB8R wKrSAKJ0Fx9n5sy/vT/TkBM= =ZS5z -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Attackers Snatch Member Data from 92 Nonprofit Organizations Paul Ferguson (Nov 12)