http://www.polldaddy.com/s/CFAB7A90241B949B/

Wednesday, November 07, 2007

Convio isn't the only one "opening" their system

I really wanted to make a joke about the security breach at GetActive this week. I wanted to say that it appears some hacker has done for GetActive what no one at Convio or Kintera seems to be able to do -- let users export their donor data.

However, it's no laughing matter. CARE is one of 92 organizations whose contact email file was breached. They had to send an email to their list on Tuesday telling them about the breach. That can't help online donations.

It's important to understand how hackers pick their targets. No doubt they were working on Kintera and Convio platforms, too, and couldn't figure out how to get inside. They're working on the big platforms because that's where the largest files of email addresses are. I'd be surprised if they're not trying to get into the Obama, Hillary, and now even Ron Paul sites. Not only would they be able to harvest hundreds of thousands of emails addresses, but they'd be able to embarass a public figure.

Internet security is something to be taken seriously. As much as expose the flaws in the major online fundraising platforms, they're probably safer than something your staff cooked up alone. Yes, they also higher profile targets, but they probably have more staff just working on security than you have working on your whole site.

It's also worth commending CARE and others like them who swallowed hard and did the right thing -- telling their most valuable online contacts that there was a serious breach, and giving them hints on how to protect themselves from any phishing that may result.

Rick...

Labels: , , ,

0 Comments:

Post a Comment

<< Home