Tuesday, November 6

Was an employees login stolen?

The Non-Profit Tech Blog published more details from Dave Crooke at Convio which was posted to the progressive exchange list:

The intruder obtained a login and password belonging to a Convio(GetActive) employee. It appears that their PC was compromised, but we are still investigating - we have sent that PC’s hard drive to a forensic lab for formal analysis. The operating system level integrity of the GetActive production systems was not affected.

The intruder logged in and downloaded a number of email addresses and passwords belonging to constituents of GetActive client non-profits.
So, will we need to wait for the forensic analysis before we learn more?

1 comment:

Anonymous said...

I have a couple friends who work at Convio and I have been trying to figure out if heads rolled over this. I mean, someone should have been fired, right?