[Chapter-delegates] Internet Society Data Leaked

Winthrop Yu w.yu at gmx.net
Wed Feb 16 16:34:29 PST 2022


Olivier, we don't need press releases or "updates".

At the very least, we need:

a)  a clear, comprehensive yet concise official statement from ISOC HQ regarding 
the breach.

b)  including whether ISOC HQ has notified *all* its global members (which would 
include the individual members of chapters).

That above is a bare minimum. Then we will have to check that against any 
obligations the chapter itself may have under local law. And we may subsequently 
need further clarification / statements from ISOC HQ.

WYn


On 17 Feb 2022 1:45 am, Olivier MJ Crépin-Leblond via Chapter-delegates wrote:
> Am I the only one in Chapter Delegates mailing list who received and read the 
> email from Christine Saegesser explaining the problem with MemberNova and 
> referring to:
>
> "As we noted in our prior email, after we learned of the issue, we launched an 
> investigation. The investigation is continuing, and we will provide more 
> details when we have more information to share. Going forward, updates will 
> be posted at updates.internetsociety.org <http://updates.internetsociety.org>, 
> and we encourage you to check there for additional information. The membership 
> password to access this website is ISOC-AMS-Updates (case sensitive)."
>
> Or is the problem that there do not appear to have been any updates since 
> 21st January 2021?
>
> Kindest regards,
>
> Olivier
>
>
> On 16/02/2022 14:54, Veni Markovski via Chapter-delegates wrote:
>> +1 to the request for more clarity; our members need to be informed, and I 
>> don't want to share on social media a link to an article on some website. 
>> There should be something at isoc.org, and in the news section there's only 
>> one press release from 2022 - on February 4.
>>
>> Also, it's not a good thing to find out from a publication about some of the 
>> details (I assume not all of them)...
>>
>> v/
>>
>> On 2/16/22 04:19, Roland Turner via Chapter-delegates wrote:
>>> Andrew,
>>>
>>> Could we have a little more clarity on this please? Chapter members in 
>>> multiple jurisdictions may have notification obligations arising from this.
>>>
>>>
>>> The Jan 21 <https://updates.internetsociety.org/> update states:
>>>> Fortunately, we have still not seen any instances of malicious access to 
>>>> member data as a result of this issue.
>>>
>>> This appears a little unclear to me on two important fronts:
>>>
>>> *"have not seen"*
>>>
>>> An adversarial read of this is the rather horrifying idea that access 
>>> logging was not turned on, so you (and MemberNet) haven't the faintest idea 
>>> whether there were any unauthorised accesses, which would certainly allow 
>>> you to say that you hadn't seen any unauthorised accesses but wouldn't mean 
>>> that there weren't any, even at a reasonable level of confidence. Hopefully 
>>> this is not the case!
>>>
>>> *"malicious access"*
>>>
>>> The relevant question is not whether any accesses could be described as 
>>> malicious, but simply whether they were unauthorised. An adversarial read of 
>>> this is that there were unauthorised accesses, but because you don't have 
>>> much information about the unauthorised accessers you are not in a position to 
>>> say that they were acting maliciously, however this would tell us nothing 
>>> about whether there had been unauthorised access. Again, hopefully this is 
>>> not the case!
>>>
>>>
>>> To address both concerns, are you able to confirm that:
>>>
>>>  1. access logging was turned on and the logs were successfully secured;
>>>  2. the logs appear to be complete (in this case "appear to" is fine; the
>>>     requirement is simply that there are no unexplained gaps); and
>>>  3. all logged accesses are authorised (i.e. because they were made by the
>>>     application server, not random external IP addresses)
>>>
>>> ?
>>>
>>>
>>> - Roland
>>>
>>>
>>> --------------------------------------------------------------------------------
>>>
>>> On 16/2/22 15:41, Hank Nussbacher via Chapter-delegates wrote:
>>>> In case you missed it:
>>>>
>>>> https://www.infosecurity-magazine.com/news/internet-society-data-leaked/
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Hank
>>>>
>>>> _______________________________________________
>>>> As an Internet Society Chapter Officer you are automatically subscribed
>>>> to this list, which is regularly synchronized with the Internet Society Chapter Portal (AMS):
>>>> https://admin.internetsociety.org/622619/User/Login
>>>> View the Internet Society Code of Conduct: https://www.internetsociety.org/become-a-member/code-of-conduct/
>>>
>>
>> -- 
>>
>> Best regards,
>> Veni
>> https://www.veni.com
>> pgp:5BA1366E veni at veni.com
>>
>> The opinions expressed above are those of the
>> author, not of any organizations, associated
>> with or related to him in any given way.
>>
>
> -- 
> Olivier MJ Crépin-Leblond, PhD
> http://www.gih.com/ocl.html
>
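
The three confirmations Roland Turner asks for in the quoted message above (logging was on, no unexplained gaps, every access made by the application server) can be checked mechanically against an access log. This is an added Python example, not part of the thread and not ISOC or vendor tooling; the log format, address range, silence threshold and exposure window are constructed assumptions.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample log: "<UTC timestamp> <source IP> <resource>". Not real data.
SAMPLE_LOG = """\
2021-12-01T00:10:00Z 10.0.4.17 members/profile/1001
2021-12-01T04:30:00Z 10.0.4.17 members/profile/1002
2021-12-01T09:00:00Z 203.0.113.50 members/export.csv
2021-12-01T12:15:00Z 10.0.4.18 members/profile/1003
2021-12-02T07:45:00Z 10.0.4.17 members/profile/1004
2021-12-02T11:00:00Z 10.0.4.17 members/profile/1005
2021-12-02T16:00:00Z 10.0.4.18 members/profile/1006
2021-12-02T21:30:00Z 10.0.4.17 members/profile/1007
"""

# Assumptions for illustration only.
AUTHORISED_SOURCES = [ip_network("10.0.4.0/24")]   # application-server subnet
MAX_SILENCE = timedelta(hours=6)                    # longest plausible quiet period
WINDOW_START = datetime(2021, 12, 1)                # constructed exposure window
WINDOW_END = datetime(2021, 12, 3)


def parse(log_text):
    """Return (timestamp, source, resource) tuples sorted by time."""
    entries = []
    for line in log_text.splitlines():
        if line.strip():
            ts, src, resource = line.split(maxsplit=2)
            entries.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                            ip_address(src), resource))
    return sorted(entries, key=lambda e: e[0])


def audit(log_text, start=WINDOW_START, end=WINDOW_END):
    """Check coverage of the whole window, then source authorisation."""
    entries = parse(log_text)
    gaps, previous = [], start
    for ts, _, _ in entries:
        if ts - previous > MAX_SILENCE:      # unexplained silence in the record
            gaps.append((previous, ts))
        previous = max(previous, ts)
    if end - previous > MAX_SILENCE:         # logging stopped before window end
        gaps.append((previous, end))
    unauthorised = [e for e in entries
                    if not any(e[1] in net for net in AUTHORISED_SOURCES)]
    # "None seen" is only evidence of "none occurred" when the record is complete.
    return {"gaps": gaps, "unauthorised": unauthorised,
            "clean": not gaps and not unauthorised}
```

An empty log passed to `audit` yields one gap spanning the whole window rather than a clean result, which is the "logging was not turned on" case the message warns about.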