Comments on: Techsoup affected by Convio security breach, too http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too Confessions of a Non-Profit Executive Director Sat, 13 Mar 2010 11:46:18 -0500 http://wordpress.org/?v=abc hourly 1 By: Matthew Palmer http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-82400 Matthew Palmer Fri, 30 Nov 2007 22:05:22 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-82400 Hi Allan, Sure, I'd be glad to address that. TechSoup learned from Convio on Monday, November 19th that we were one of their customers affected by the breach. That same day we issued an email to all of our email newsletter subscribers who had passwords on file with Convio alerting them that their email address and password were potentially compromised and recommending they change their passwords on any other sites that use that email address to log in. TechSoup has also taken additional steps to notify our subscribers including communicating via email with all newsletter subscribers (including those without Convio passwords), sending a reminder email to subscribers with passwords, posting notices and an FAQ on our website, and answer customer questions by phone and email. Convio has helped us answer questions from TechSoup members with their Security Hotline, which has been available since TechSoup first announced the breach. Sincerely, Matt Hi Allan,

Sure, I’d be glad to address that. TechSoup learned from Convio on Monday, November 19th that we were one of their customers affected by the breach. That same day we issued an email to all of our email newsletter subscribers who had passwords on file with Convio alerting them that their email address and password were potentially compromised and recommending they change their passwords on any other sites that use that email address to log in.

TechSoup has also taken additional steps to notify our subscribers including communicating via email with all newsletter subscribers (including those without Convio passwords), sending a reminder email to subscribers with passwords, posting notices and an FAQ on our website, and answer customer questions by phone and email. Convio has helped us answer questions from TechSoup members with their Security Hotline, which has been available since TechSoup first announced the breach.

Sincerely,
Matt

]]> By: Allan Benamer http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-80826 Allan Benamer Wed, 28 Nov 2007 14:08:29 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-80826 Hey Matt, this is a little late to reply but can you tell us why Techsoup took so long to send out the notification? Convio sent it out in early November. The way I see it, Techsoup took more than two weeks to send that notification to its members. Am I missing something here? Hey Matt, this is a little late to reply but can you tell us why Techsoup took so long to send out the notification? Convio sent it out in early November. The way I see it, Techsoup took more than two weeks to send that notification to its members. Am I missing something here?

]]> By: Matthew Palmer http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-79503 Matthew Palmer Mon, 26 Nov 2007 21:21:37 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-79503 As an employee of TechSoup, I wanted to respond to the discussion of the security breach at Convio because our members' information was among the data that was illegally accessed. Just hours after learning from Convio that TechSoup was one of the 92 nonprofits whose information was stolen, we notified affected members rather than waiting until after Thanksgiving. We took the further step of notifying all TechSoup email subscribers and posting messages on our website to let nonprofits know we are working closely with Convio and that we take this incident very seriously. I appreciate your efforts to help us spread the word about the break-in at Convio and its impact for TechSoup's members. Sincerely, Matthew Palmer TechSoup As an employee of TechSoup, I wanted to respond to the discussion of the security breach at Convio because our members’ information was among the data that was illegally accessed.

Just hours after learning from Convio that TechSoup was one of the 92 nonprofits whose information was stolen, we notified affected members rather than waiting until after Thanksgiving. We took the further step of notifying all TechSoup email subscribers and posting messages on our website to let nonprofits know we are working closely with Convio and that we take this incident very seriously.

I appreciate your efforts to help us spread the word about the break-in at Convio and its impact for TechSoup’s members.

Sincerely,
Matthew Palmer
TechSoup

]]> By: Allan Benamer http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-76743 Allan Benamer Thu, 22 Nov 2007 02:14:54 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-76743 Well this is <a href="http://www.techsoup.org/fb/index.cfm?fuseaction=forums.showSingleTopic&forum=2028&id=70093" rel="nofollow">good news...</a> "Please note that these passwords are only for the Convio system, meaning that they only control your email newsletter preferences. No passwords relating to your log in at TechSoup or TechSoup Stock were stolen. Also, no financial information was stolen. " Well this is good news…

“Please note that these passwords are only for the Convio system, meaning that they only control your email newsletter preferences. No passwords relating to your log in at TechSoup or TechSoup Stock were stolen. Also, no financial information was stolen. “

]]> By: Beth Kanter http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-76715 Beth Kanter Thu, 22 Nov 2007 01:44:05 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-76715 I left a question on the forum about the netsquared list ... boy, I hope the instance of credit fraud that just happened to me isn't due to this ... although my bank told me it might had more to do with buying gas with credit card. I guess if we want to stay in the loop on the conversation about this, we should go over to the forum at TechSoup .. I left a question on the forum about the netsquared list … boy, I hope the instance of credit fraud that just happened to me isn’t due to this … although my bank told me it might had more to do with buying gas with credit card. I guess if we want to stay in the loop on the conversation about this, we should go over to the forum at TechSoup ..

]]> By: Allan Benamer http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-76531 Allan Benamer Wed, 21 Nov 2007 17:32:32 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-76531 Yeah, it's called typing at near-freakout speeds. Sigh. Yeah, it’s called typing at near-freakout speeds. Sigh.

]]> By: Beth Kanter http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too/comment-page-1#comment-75989 Beth Kanter Wed, 21 Nov 2007 00:38:27 +0000 http://www.nonprofittechblog.org/techsoup-affected-by-convio-security-breach-too#comment-75989 Wow, you posted this fast .. .I hadn't ever blogged it yet http://beth.typepad.com/beths_blog/2007/11/security-update.html Wow, you posted this fast .. .I hadn’t ever blogged it yet
http://beth.typepad.com/beths_blog/2007/11/security-update.html

]]>