Personal tools
You are here: Home News 2008 TechSoup Suffers Attack
 

TechSoup Suffers Attack

TechSoup, known as "The Technology Place for Nonprofits," has suffered a SQL Injection attack on its websites and warns visitors to check their computers.

TechSoup Suffers Attack

TechSoup's websites suffered a SQL Injection attack, a type of attack that is known to exploit website vulnerabilities with the intent of distributing viruses and malware.

TechSoup.org released this statement to its customers:

We do not have any specific evidence that malware or viruses were actually distributed; however, it is possible that people who visited our websites between 8:00PM PDT, Tuesday August 5, 2008 and 7:45AM PDT, Wednesday August 6, 2008 could have been exposed to malware or viruses. We are advising anyone who visited any of the listed websites, during the hours noted above, to:

  • Make sure your anti-virus software definitions are up-to-date.
  • Run a scan of your hard drive to ensure no viruses or malware show up and follow the instructions to quarantine them.
  • Review the information at http://www.us-cert.gov/cas/tips/ about managing viruses.

We also advise you to update your operating system and other software with the latest security patches.  While most software will alert you of any updates automatically, you should run Windows Update on Windows, Software Update on Mac OS X, and for any other applications that you frequently use.  For many applications, look in the “Help” menu for information on updates.  Check the software documentation if you cannot find that information. 

While we have no reason to believe that this issue has compromised any personal data, we do want to take this opportunity to remind all of our customers and visitors to practice “best practices” with regard to protecting your online identity and data.  Take the time necessary to secure your information by changing the passwords on your online accounts.  “Best practices” recommend that you change your passwords regularly (at least once a month) to keep your system information secure.  This time investment will pay big dividends in risk prevention. For additional security tips, see http://blog.techsoup.org.

 

The sites impacted by this attack are:

  • www.techsoup.org
  • www.techsoup.org/stock
  • www.techsoup.org/mar
  • www.compumentor.org
Document Actions
A Service Provided by ChurchEasy