The MS Society has today written to a proportion of its website users and visitors to alert them to a risk to the information we hold about them. We are very sorry for any concern this may cause.
We recently discovered malicious software on our website systems, suggesting an attempt has been made to gain unauthorised access. While the software has been removed and our website security systems have been upgraded, we are asking all forum users to change their passwords as soon as possible as a precaution.
The software we discovered may have compromised the security of the information we hold about members of the forum and people who have contacted us by email and through the ‘contact us’ form on our website, or those who have contacted us by email or phone. Donors and fundraisers can be assured this is completely unconnected to the system through which online donations are made. No financial information has been accessed.
We’re conducting a full investigation into what has happened. This will include looking at why our existing security systems did not prevent this sophisticated, malicious attack. The security of the information we hold about you is of the utmost importance to us and we have taken immediate steps to improve our website systems. We can reassure you that we have since upgraded the levels of security on our website systems.
Passwords used to access the forum are encrypted and highly secure so we think it extremely unlikely that even a determined individual would be able to break the encryption. However, as a precaution we would advise you to change your passwords at the earliest opportunity. If you have the same passwords for other websites, you should change them on those services.
We understand this may be concerning news to you and we have set up a dedicated Information Security Freephone to answer enquiries about this matter. People can call this line on 0800 151 2391 or 0330 159 3820 between 9am and 8pm Monday to Friday and 9am and 6pm on Saturday and Sunday.
Calls to 0800 numbers are free from a BT Landline. Calls to 03 numbers cost no more than a national rate call to an 01 or 02 number and must count towards any inclusive minutes in mobile phone calling plans in the same way as 01 and 02 calls.
Alternatively, people can email firstname.lastname@example.org.
People can also call the Information Commissioner’s Office Helpline on 0303 123 1113. We will also update our website as any more information about this incident becomes available at www.mssociety.org.uk/infosecurity.
Thanks Stewart & Steph (admin)