I checked my mail and I got a disturbing message from Elance, apparently, someone was able to access confidential user data without authorization, some would call this hacking. I would like to commend Elance for informing us and sending us a holistic and informative email wherein they inform us of what happened, what they have done and what they will do.
It is a ironic as I just came from a two day ethical hacking seminar. What a hit to nail the point on security.
Now, all we can do is hope that this is not a distraction to a more malicious attack.
Message from Elance Below.
|
Dear apanares,
We recently learned that certain Elance user information was accessed without authorization, including potentially yours. The data accessed was contact information -- specifically name, email address, telephone number, city location and Elance login information (passwords were protected with encryption). This incident did NOT involve any credit card, bank account, social security or tax ID numbers.
We have remedied the cause of the breach and are working with appropriate authorities. We have also implemented additional security measures and have strengthened password requirements to protect all of our users.
We sincerely regret any inconvenience or disruption this may cause.
If you have any unanswered questions and for ongoing information about this matter, please visit this page in our Trust & Safety center: http://www.elance.com/p/trust/account_security.html
For information on re-setting your password, visit: http://help.elance.com/forums/30969/entries/47262
Thank you for your understanding,
Michael Culver
Vice President
Elance |
|
|
|