banner
.

Moment of truth

Posted by Trey Reeme on November 12th, 2006

2 comments

Two days after Shari blogged about how Verity means the state or quality of being true or real, they got a big chance to prove it. Their website got hacked.

From yesterday’s Spoofing Alert post:

It appears that our log-in button has been re-routed to an unauthorized website. We are in the process right now of trying break the link or pull down our site.

Please do not log in to home banking at this time.

If you did try to log on earlier today and were asked for your credit card numbers AND YOU GAVE THEM, please call this number immediately to notify us at 1-800-444-4589 option 2. Please leave us a message and we will return your call as soon as possible.

We will keep you updated on this blog site.

They’ve since pulled the main website down completely – and their blog is, from what I can tell, the primary point of online contact for their members. From an exchange in the comments:

Anonymous: I answered some screening questions the last time I logged in e.g mothers maiden name, etc. Were these authentic or spoofed?

Shari: It appears that the spoofing happened about 10 am this morning …. Unfortunately, those questions you answered were not from us. Without saying too much (because the perpetrators can read this site as well as we can) we have done a few things to shore up the problem but are not ready just yet to announce that everything is fixed.

Anonymous: It was actually already happening this morning at 6:30… long before 10.

Shari: Thank you for letting us know that. I had logged on at 5 am yesterday morning and everything was fine. The next confirmed log-in that we received was 10:00 am. So we now know it happened sometime between 5:00 am and 6:30 am.

Jim Bruene picked up on this first, and he points out there’s a “silver lining.”

As bad as this is, Verity should be applauded for the rapid response, using both its website and blog to get the word out.

Shari, this drama will pass. The last two posts you’ve made have probably been the toughest ones you’ve ever had to write, knowing that all of your online members’ eyes are now being directed to your blog. Keep your chin up; you’re making Verity’s name match the definition.

To everyone else, this should long serve as a case study of a blog’s potential as much more than a corporate marketing tool.

Posted in Blogging in Business, Communicating, CU Industry Blogs, CUs Who Blog, Marketing

Comments

Leave a response

  1. Laurel on May 3rd, 2007 said:

    Hi Trey,

    Thanks for the words of encouragement. Shari and I were busy trading phone calls throughout the day with our teammates in IS and Internal Audit to figure out how to protect our members and communicate to them. Who knew the blog would become a great way give our members up-to-the-minute updates? Much more immediate than email as this is a holiday weekend. I like the way it gives members an opportunity to tell us their concerns and fears—and us an opportunity to reassure them.

  2. VSelfridge on May 3rd, 2007 said:

    A good example of how a non-hosted blog site can aid in “disaster recovery” communications.

    Hang in there Verity CU.

If you can read this, you don't use a typical browser that renders CSS.
Please do not fill in this particular e-mail field (this is for fooling spam bots). Fill in the second one. Thanks!