Techsoup Site Security Breach: Visitors Urged to Take Precautions

Lori Halley 07 August 2008 3 comments

Techsoup.org, one of the best non-profit resources online, has suffered an SQL Injection attack. The site was taken down promptly when suspicious activity was identified, but Techsoup account holders and anyone who has visited the site in the past few days are urged to take security precautions immediately.

These types of attacks are known to exploit website vulnerabilities with the intent of distributing viruses and malware.  We do not yet know all the details of this attack at this time.  We do not have any specific evidence that malware or viruses were actually distributed; however, it is possible that people who visited our websites between 8:00PM PDT, Tuesday August 5, 2008 and 7:45AM PDT, Wednesday August 6, 2008 could have been exposed to viruses or malware.  The impacted sites are:
  • www.techsoup.org
  • www.techsoup.org/stock
  • www.techsoup.org/mar
  • www.compumentor.org

We are advising anyone who visited any of the listed websites, during the hours noted above, to:

  • Make sure your anti-virus software definitions are up-to-date.
  • Run a scan of your hard drive to ensure no viruses or malware show up and follow the instructions to quarantine them.
  • Review the information at http://www.us-cert.gov/cas/tips/ about managing viruses.
  • Please continue to check this webpage (which is safe!) for further updates.

There's no specific reason to believe that the personal data of any site user has been compromised, Techsoup notes, but takes the opportunity to remind its site users to follow recommended “best practices” for safe computing. We hope that Techsoup, a vital resource for the non-profit sector, is able to resolve this issue quickly.

It's as well to note that Techsoup is far from being alone in suffering a security breach of this nature. A security attack on Convio's GetActive software systems last year resulted in personal data being accessed by an unauthorized third-party, and Microsoft justrecently issued a security advisory to warn of an increase in SQL Injection attacks.

This most recent attack is just another reminder that security is a critical issue -- and it's only going to become more important, as time goes on, as web users demand more and more interactivity from their online experience.

You could call this the "down side" of Web 2.0.

Many websites are happily installing various modules on their servers – discussion boards, listservs etc. -- and you need to remember that each one of these can be a potential doorway into your server.Check that there are no open security issues reported, change the passwords on your online accounts at least once a month, and keep your operating system and other software updated with the latest security patches.

"Balancing security and functionality is very tough," Wild Apricot's Dmitry Buterin confirms. "Many times we had to not release certain features that are very common at many other sites-- but we had to postpone it to ensure the security of our overall system."


Get a Special Report on Simplifying Membership Management

Enter your email and receive this special report in your inbox.
Lori Halley [Engaging Apricot] Lori Halley [Engaging Apricot]

Posted by Lori Halley [Engaging Apricot]

Published Thursday, 07 August 2008 at 6:02 PM

Get a Special Report on Simplifying Membership Management

Enter your email and receive this special report in your inbox.

Comments

  • Marnie Webb said:

    Thursday, 07 August 2008 at 11:04 AM

    Marnie Webb, here, co-CEO of TechSoup. Thanks for helping to spread the word about the precautionary actions that users can take. We posted the ones you quoted above and also made some other recommended actions.

    I do want to emphasize that we have no reason to believe that our users personal data was compromised but do want to remind people, as you state so well above, to take appropriate security measures with regard to passwords.

  • Lori Halley [Engaging Apricot] Lori Halley [Engaging Apricot]

    Lori Halley [Engaging Apricot] said:

    Thursday, 07 August 2008 at 1:05 PM

    Thanks for this, Marnie. And we'll remind people that status updates (as well as your security recommendations) are posted at http://www.techsoup.org/index.html ... and it looks like the site is coming back into operation now.

    Note: the advice to update software and change passwords is still applicable, of course -- for anyone who is online, not just Techsoup users!

  • Lori Halley [Engaging Apricot] Lori Halley [Engaging Apricot]

    Lori Halley [Engaging Apricot] said:

    Friday, 08 August 2008 at 6:03 PM

    We're pleased to see that Techsoup service is now restored: http://www.techsoup.org/maintenance/page10338.cfm

Sorry, this blog post is closed for further comments.

Search: WildApricot.com 

About results ( seconds) Sort by: 
Sorry, an error occured when performing search.