The Non-Profit Tech Blog published more details from Dave Crooke at Convio which was posted to the progressive exchange list:
The intruder obtained a login and password belonging to a Convio(GetActive) employee. It appears that their PC was compromised, but we are still investigating - we have sent that PC’s hard drive to a forensic lab for formal analysis. The operating system level integrity of the GetActive production systems was not affected.So, will we need to wait for the forensic analysis before we learn more?
The intruder logged in and downloaded a number of email addresses and passwords belonging to constituents of GetActive client non-profits.