SPGB Website

1 post / 0 new
whichfinder's picture
whichfinder
Offline
Joined: 9-04-10
Jul 8 2018 11:04
SPGB Website

IMPORTANT - PLEASE READ

Yesterday the Socialist Party of Great Britain's Internet Committee discovered that a malicious third party had gained control of the Party's web server on worldsocialism.org.
If you have ever used the websites hosted on worldsocialism.org, please read this message carefully to understand what has happened and what you must do to secure your personal data.

Once the Internet Committee became aware of the attack, we immediately took the web server (and its co-hosted mail server) offline and began taking steps to assess and repair the damage. Our initial assessment is that the attack took place approximately one week ago and that it was effected through a security flaw in the content management system (CMS) that powers the SPGB website. The identity of the attacker is not currently known to us.

The evidence we have examined so far suggests that the attacker had the opportunity to access almost all information stored on the web server, including the SPGB forum's user database. The user database stores passwords in a secure manner, so it is unlikely that the attacker was able to see them. However, the attacker may have been intercepting data submitted through the SPGB website from the time of the attack until yesterday evening. This means that if you logged into the SPGB forum on worldsocialism.org, then the attacker may have your username and password. In any case, if you use the same username/password or e-mail/password combination on both the SPGB forum and on other websites, we advise you to change your password on those other websites immediately.

If you entered any other kind of information (such as submitting a contact form or sending a private message on the SPGB forum) on the websites of the SPGB, the World Socialist Movement, the Socialist Party of Canada, or the World Socialist Party of New Zealand, then for now you should proceed on the assumption that that information has been exposed to the attacker.

We are still working to assess the extent of the attack and to repair the damage, and we will attempt to notify any and all affected users directly once we are able to gather their contact details from the relevant databases. So far we have been able to restore the mail server(but not the webmail interface) and the Socialist Party of Canada website. We hope to be able to restore the webmail interface and the WSPNZ website in the next few days. However, the SPGB and WSM websites could remain offline for several weeks while we fix the security flaw that led to this breach.

If you have any pressing questions or concerns about your own personal data, please address them for the time being to the Internet Committee at .
We will post updates of a more general nature here and elsewhere as our investigation and restoration work progresses.