SPGB Website

Submitted by whichfinder on July 8, 2018

IMPORTANT - PLEASE READ

Yesterday the Socialist Party of Great Britain's Internet Committee discovered that a malicious third party had gained control of the Party's web server on worldsocialism.org.
If you have ever used the websites hosted on worldsocialism.org, please read this message carefully to understand what has happened and what you must do to secure your personal data.

Once the Internet Committee became aware of the attack, we immediately took the web server (and its co-hosted mail server) offline and began taking steps to assess and repair the damage. Our initial assessment is that the attack took place approximately one week ago and that it was effected through a security flaw in the content management system (CMS) that powers the SPGB website. The identity of the attacker is not currently known to us.

The evidence we have examined so far suggests that the attacker had the opportunity to access almost all information stored on the web server, including the SPGB forum's user database. The user database stores passwords in a secure manner, so it is unlikely that the attacker was able to see them. However, the attacker may have been intercepting data submitted through the SPGB website from the time of the attack until yesterday evening. This means that if you logged into the SPGB forum on worldsocialism.org, then the attacker may have your username and password. In any case, if you use the same username/password or e-mail/password combination on both the SPGB forum and on other websites, we advise you to change your password on those other websites immediately.

If you entered any other kind of information (such as submitting a contact form or sending a private message on the SPGB forum) on the websites of the SPGB, the World Socialist Movement, the Socialist Party of Canada, or the World Socialist Party of New Zealand, then for now you should proceed on the assumption that that information has been exposed to the attacker.

We are still working to assess the extent of the attack and to repair the damage, and we will attempt to notify any and all affected users directly once we are able to gather their contact details from the relevant databases. So far we have been able to restore the mail server(but not the webmail interface) and the Socialist Party of Canada website. We hope to be able to restore the webmail interface and the WSPNZ website in the next few days. However, the SPGB and WSM websites could remain offline for several weeks while we fix the security flaw that led to this breach.

If you have any pressing questions or concerns about your own personal data, please address them for the time being to the Internet Committee at .
We will post updates of a more general nature here and elsewhere as our investigation and restoration work progresses.

Spikymike

5 years 6 months ago

In reply to by libcom.org

Submitted by Spikymike on September 16, 2018

Best leave off the 'forum' link to access the home page. Long way from fully functional as yet - looks like a lot of hard graft for some of your members to upload all the current and back material so best of luck with that.

jondwhite

5 years 6 months ago

In reply to by libcom.org

Submitted by jondwhite on September 16, 2018

Sorry yes forum is not up, new mobile interface is. Hopefully libcom will follow suit.

ajjohnstone

5 years 6 months ago

In reply to by libcom.org

Submitted by ajjohnstone on September 17, 2018

I have also reservations about the search tool....but as explained, a work in progress.