[MR] FW: [Announcements] Recent burglary at the SCA Corporate offices

Janie janielee at cox.net
Tue Nov 28 16:45:26 PST 2006 

 

-----Original Message-----
From: announcements-bounces at lists.sca.org
[mailto:announcements-bounces at lists.sca.org] On Behalf Of Jason Williams
Sent: Tuesday, November 28, 2006 7:24 PM
To: announcements at sca.org
Subject: [Announcements] Recent burglary at the SCA Corporate offices

To:     The Membership of the SCA, Inc.
From:   George Reed, Vice President of Operations
SUBJ:   Burglary at the SCA Corporate offices

Sometime during the weekend of Thanksgiving, 2006 the SCA Corporate office
suffered an illegal intrusion and burglary.  This was part of a crime-spree
that affected the entire office complex in which our facilities are located.
Initial reports are that the intruders used a stolen master key obtained
from the property manager and raided many of the suites in the complex.
While the property loss sustained by the SCA was fairly minimal, two desktop
workstations were taken, and the manner of their removal caused an
interruption in the SCA 1-800 toll free number.

Actions taken by our Vice President of Corporate Operations, Renee
Signorotti,  included changing the office locks by 10 am PST on Monday,
replacing and re-configuring the missing machines, and ensuring any risk to
the membership was ruled out.  Our Chief Technology officer effected
immediate password changes to electronic mail and SCA servers to ensure the
minimal risk of exposure became zero risk.  At no time did the perpetrators
have access to any membership information, financial records, or credit card
numbers.

Because Renee's office procedure includes not saving local passwords and
using proper levels of information security, there is no chance that the
end-recipients of the stolen machines can retrieve any personal, financial,
or business sensitive information.  No critical business data existed on the
stolen machines that were not part of the end of day back-ups prior to the
theft.

I would like this letter to the membership to serve as confirmation that we
did sustain an incident, but that the losses were minimal, full-service to
the membership quickly restored, and no ongoing risk to your membership data
or services remains.  At the end of this letter is some questions and
answers from our Chief Technology Officer, Scott Courtenay.

I would like to take this opportunity to applaud and commend the excellent
business practices, astute technology decisions, and swift responses of our
Corporate Office and our Technology staff for making this incident an
annoyance instead of a disaster.

If you have any questions, please feel free to contact me for quick response
at Seneschal at sca.org.

Thank you,

George L. Reed II
VP Operations
Society for Creative Anachronism, Inc.

-----

Q: Did they get access to the SCA servers?
A: No. The computers in the home office had only limited access (such as
personal email accounts) to the SCA servers, which are located in a secure
data center. The passwords for all personal accounts of home office
personnel were immediately changed to protect  even this limited access.
No one at the home office had access to the administrative password on our
servers.

Q: I ordered a membership or something from the Stock Clerk recently. Did
the thieves get my credit card number from these databases?
A: No. For security reasons which should be very apparent, we don't store
credit card numbers in our databases. When you process an order, the number
is held just long enough to complete the transaction and then is "forgotten"
by the system. It is never actually stored in the Stock Clerk or membership
database.

Q: I have a Known World Mail account. Were these compromised?
A: No. They are on the servers in a secure data center, not at the corporate
office.




Comments are strongly encouraged and can be sent to: 
SCA Inc.
Box 360789
Milpitas,  CA 95036

You may also email comments at lists.sca.org or reply to this message.

This announcement is an official informational release by the Society for
Creative Anachronism , Inc.  Permission is granted to reproduce this
announcement in its entirety in newsletters, websites and electronic mailing
lists.

_______________________________________________
Announcements mailing list
To unsubscribe or change your settings, visit:
http://lists.sca.org/listinfo/announcements

To change the email address you receive these messages at, visit the URL
listed above, subscribe to with your new email address.  Once this is
completed, return to the URL listed above and unsubscribe your old email
address.

More information about the Atlantia mailing list