[SFDXA] ARRL Investigating Web Server Breach

[Bill]

    ARRL Investigating Web Server Breach

10/07/2014

Late last month, a security breach occurred, involving a web server at 
ARRL Headquarters. ARRL IT Manager Mike Keane, K1MK, said that League 
members have no reason to be concerned about sensitive personal 
information being leaked.

Keane said that servers were taken offline and isolated from the 
Internet when the hack was discovered. Certain ARRL web functions --- 
online DXCC in particular --- have been temporarily disabled. The ARRL 
expects to restore service by close of business, on Wednesday, October 8.

In the meantime, the "legacy" URLs (ones containing "p1k.arrl.org") have 
been restored, as has access to the ARRL Periodicals Archive.

Keane stressed that it is highly unlikely that any sensitive information 
was compromised. Any information the hacker might have been able to 
glean from the ARRL server, he said, is already publicly available --- 
data such as names, addresses, and call signs that appear in the FCC 
database.

The hacker may have been able to obtain site usernames and passwords 
that were established prior to April 2010, and that have not been 
changed since then. Members who have not changed their ARRL website 
passwords since early 2010 should do so at this time.

Keane confirmed that it's always prudent to change passwords on a 
routine basis. "That's the best practice," he said.

Keane said that his department is still looking into what types of 
information may have been vulnerable to the hack.

"They were poking around, trying all the doors," he explained. "We don't 
keep anything of value [to a hacker] there. Hackers don't care about 
DXCC totals or want to read the online issue of /QST/. There's nothing 
of financial value there."

Keane said that in addition to reporting the security breach to federal 
law enforcement authorities, his department is working to increase the 
League's Internet security posture.

http://www.arrl.org/news/arrl-investigating-web-server-breach