Forum

Important notice about our website security

The MS Society has today written to a proportion of its website users and visitors to alert them to a risk to the information we hold about them. We are very sorry for any concern this may cause.

We recently discovered malicious software on our website systems, suggesting an attempt has been made to gain unauthorised access. While the software has been removed and our website security systems have been upgraded, we are asking all forum users to change their passwords as soon as possible as a precaution.

The software we discovered may have compromised the security of the information we hold about members of the forum and people who have contacted us by email and through the ‘contact us’ form on our website, or those who have contacted us by email or phone. Donors and fundraisers can be assured this is completely unconnected to the system through which online donations are made. No financial information has been accessed.

We’re conducting a full investigation into what has happened. This will include looking at why our existing security systems did not prevent this sophisticated, malicious attack. The security of the information we hold about you is of the utmost importance to us and we have taken immediate steps to improve our website systems. We can reassure you that we have since upgraded the levels of security on our website systems.

Passwords used to access the forum are encrypted and highly secure so we think it extremely unlikely that even a determined individual would be able to break the encryption. However, as a precaution we would advise you to change your passwords at the earliest opportunity. If you have the same passwords for other websites, you should change them on those services.

We understand this may be concerning news to you and we have set up a dedicated Information Security Freephone to answer enquiries about this matter. People can call this line on 0800 151 2391 or 0330 159 3820 between 9am and 8pm Monday to Friday and 9am and 6pm on Saturday and Sunday.

Calls to 0800 numbers are free from a BT Landline. Calls to 03 numbers cost no more than a national rate call to an 01 or 02 number and must count towards any inclusive minutes in mobile phone calling plans in the same way as 01 and 02 calls.

Alternatively, people can email informationsecurity@mssociety.org.uk.

People can also call the Information Commissioner’s Office Helpline on 0303 123 1113. We will also update our website as any more information about this incident becomes available at www.mssociety.org.uk/infosecurity.

Thanks Stewart & Steph (admin)

Hi, will this affect the passwords for those of taking part in the MS society’s research?

Hi Socrates,

I’m going to drop you a private message. This sounds like something unrelated to the MS Society website, but I will get a few more details from you first and we’ll take it from there.

Many thanks,

Steph (Admin)

Thanks for letting us all know so quickly. Have taken your advice and changed password.

Anne

Happy New Year to you all at admin!

Why thanks Anne!

Happy New Year to you too!

Stewart (admin)

Changing password now. Thanks and Happy New Year!

Pat xx

Stewart this led me into all sorts of problems.

It kept saying that email and password not valid. Where it should have been my email address it says Snow Leopard. So tried to change it to my email address and kept on saying it wasn’t valid…and that password isn’t valid.

I give up. Any suggestions?

Thanks,

Pat xx

Hi all,

Although it is good practise to regularly change your password, please note the original post about this was from October. We haven’t had a more recent website security problem.

Stewart was doing a bit of new year’s cleaning on the boards and this post seems to have popped to the top after he removed it as a sticky post.

Many thanks

Steph (Admin)

1 Like

Hi Pat,

I’ll drop you a private message now.

Thanks,

Steph

1 Like

Lol i did not realise it was a post from from October,thought it was recently, i quickly changed my password,thinking it was a new post.