cross-posted from: https://infosec.pub/post/12513834

American Radio Relay League cyberattack takes Logbook of the World offline

The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World. […]

  • Onno (VK6FLAB)
    6 months ago

    Interesting that the ARRL appears to be playing down the situation, calling it a disruption and essentially only public data being stored.

    ARRL Systems Service Disruption

    05/17/2024

    Updated 5/17/2024

    Some members have asked whether their personal information has been compromised in some way. ARRL does not store credit card information anywhere on our systems, and we do not collect social security numbers. Our member database only contains publicly available information like name, address, and call sign along with ARRL specific data like email preferences and membership dates.

    Original story below: 5/16/2024

    We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World® and the ARRL Learning Center, are affected. Please know that restoring access is our highest priority, and we are expeditiously working with outside industry experts to address the issue. We appreciate your patience.

    This story will be updated with new developments.

    Source: https://www.arrl.org/news/arrl-systems-service-disruption

    • 667
      6 months ago

      It’s step one of the PR playbook: assert that it’s not a big deal, and if it is a big deal then it’s not so bad, and if it is so bad then remember it’s a free service, and if you were paying then you probably need credit monitoring.

      • Onno (VK6FLAB)
        6 months ago

        Much more significant is the wider impact.

        What I want to know, as a former user of LotW, were my details part of this hack and if so, why did they not notify me.

        If not, how do they know that?

        This is not a PR exercise, even if the ARRL appears to be downplaying the whole thing. This goes to the heart of how our global community hangs together.

        To make matters worse, their website now returns a proxy error.

        • Onno (VK6FLAB)
          6 months ago

          Update: Their website now appears to be loading again. I have contacted their media team for comment in relation to the data for global LotW users.

        • 667
          6 months ago

          I’m with you, and add to that only one update every ~72 hours is a long stretch between updates.

          I reckon they can’t update users individually because as I understand it the email system was also affected (can’t recall where I saw this), additionally they possibly just don’t know the scale yet, and if they do know the scale, they are preparing their statements in advance.