Post by Rebecca Brackmann on Feb 14, 2018 17:44:32 GMT
Dear fellow philologists:
Our website, www.thekpa.org, has been attacked and currently has malware embedded in it. This includes the page used for registration for the 2018 conference.
Here’s what we know:
• YOUR CREDIT CARD NUMBER HAS NOT BEEN COMPROMISED BY REGISTERING AND USING THE ONLINE PAYMENT OPTION. If you registered and selected the “pay by credit card” option, you were redirected to a page at authorize.net, with whom we have contracted for collecting payments. Their page meets all federal security standards and was in no way affected by the malware on our site.
• It’s possible that your address and last 4 digits of your card have been read. Here’s what Craig (our webmaster) told me: “the files with all the cc receipt information from current and past (last three years) could have been stolen. No reason to believe it has, but if someone could put stuff in the web site, they certainly COULD have read those files. Credit card receipt information includes the last four card digits, card type, and person's name and address.” If you filled in the optional phone number blank, then that is also listed on the receipts.
• If you registered before this week, there’s a good chance that information entered on the KPA registration page was read. Your name, institution’s name, email address, and sandwich preference were probably harvested from our page. If you registered in the last few days, after Craig re-enabled registration from a different page, you’re OK as far as this goes.
Here’s what it probably means for you:
• Many of our institutions have our emails visible in an outward-facing directory that can be machine-read anyway, so bots have been floating around snagging them for years. Don’t panic—these hackers are unlikely to know anything they couldn’t have already gotten (except your sandwich preference).
• We don’t think this increases your risk of identity theft. You may get more spam sent to your email, and it’s possible someone will “spoof” your name and email address to send spam, but again, this was probably already within the hackers’ capabilities. Even the information that they might have lifted from the receipts is all easily accessible through other avenues. Follow basic precautions, keep an eye on the charges showing up on your cards, perhaps update your passwords if they’re stale, and you should be OK.
• However, there is some risk that machines used to access the KPA’s website have been infected by malicious software. Here is Craig’s assessment: “Current anti-virus and firewalled machines will probably be fine. Personal machines should be malware-checked.”
• If your campus has reasonable safeguards on your office computers, and that’s all you’ve used to access our site, you’re probably fine. If you have used a personal computer or device to navigate to the page, and you don’t have a firewall or routine anti-virus and malware scan in place, you need to make sure your computer isn’t compromised.
Here’s what we are going to do to finish registration for KPA 2018:
• Craig has re-built the registration from the ground up, on a page that he knows is clean (it’s actually on his personal site, which is a bit unusual but we needed to do this quickly). He’ll have other information there as well, such as the draft program. Here is a direct link to it: openclasses.org/kpa_reg/ .
• We will link to this new page, and post hotel information and all other conference information on our KPA Facebook page. Search FB for “Kentucky Philological Association” to find the page.
• For those not on Facebook, we also have the KPA forum at kpa-in-action.freeforums.net/board/1/general-discussion. I will create a thread for the 2018 conference. I will also create a thread for questions and discussions of the site hacking if anyone wants to discuss things there.
If you have questions or concerns, please do feel free to contact our webmaster directly: Craig Steffen, craigsteffen@gmail.com, 217-979-2392.
Associate Professor of English, Lincoln Memorial University
KPA Executive Director