Over the Easter weekend, our systems were the target of a malicious attack, and recovery required extensive downtime and read-only restrictions. We apologize for any inconvenience this event may have caused. Now that services have been fully restored, we would like to provide you with additional information.
1. What Happened
At approximately 8 a.m. on Saturday, April 3, 2010, several members reported experiencing a problem with our photo software, which in many cases began triggering warnings from antivirus utilities. We examined our system and discovered that a database exploit had been used to inject a false and malicious message that was intended to direct users to download and install some kind of software (we can only presume it carried malicious code, such as a virus or Trojan).
No member, customer, or other personal information was compromised or accessed as a result of this hack. However, a system compromised by the software presented by the hack during the brief window it was in place may be at risk. Please see “What You Can Do” below.
2. How We Responded
Our team worked through the Easter weekend to respond to this hacking incident. We first removed the malicious message and link, and plugged the hole used to modify our system. We then looked at our entire database to assess any damage done. After verifying that the hack affected a single column of data, our IT team was able to restore the complete database from a backup.
Of course, over the next few days, we will be taking a deep look at our code, application, and servers to ensure there are no other vulnerabilities. The affected code is older code related to sites and services that we are already in the process of phasing out.
3. What You Can Do
If you used our photo system over the weekend, we highly recommend conducting a complete virus and malware scan of your computer. If your system is already protected with up-to-date internet security software (Norton, McAfee, Kaspersky, AVG, etc.), these scans should be conducted automatically. However, it couldn’t hurt to initiate a full review.
If you downloaded or installed the software presented by the hack, you may need to take more thorough steps to remove it, beginning with checking for unfamiliar applications through the Windows Add/Remove Programs control panel. Most modern virus and malware scanners should be able to detect hidden software on your system, but because these hacks often attempt to disable specific security utilities, we’d encourage using more than one.
Either way, we strongly recommend protecting your systems with antivirus and internet security utilities, and keeping them current. Some are commercial, but several are free. There are also online services that let you scan your system. For example, you can use the following free online virus scans from Symantec or Trend Micro:
Finally, because we restored our services via a backup, we recommend you check your listings for changes made after Friday, April 3, 2010.
4. Thank You!
We appreciate the diligence and prompt reporting of our membership, allowing us to respond quickly and get our systems back online as soon as possible. Thank you for your understanding and patience. If you have any questions or concerns relating to this matter, please don’t hesitate to contact me.