Jump to content

Data Incident - Moodle


David Z - 1027224
 Share

Recommended Posts

On Monday 22 April 2019, VATPAC received a report that a publicly-accessible part of our Moodle system ("The Academy") displayed the email addresses of registered users. These email addresses were sourced from VATSIM when a user first logged in with VATSIM SSO (Single Sign-On). Upon receiving this report, VATPAC staff immediately disabled our Moodle until the issue could be rectified. The affected parts of Moodle have been permanently disabled and service has since been restored.

Am I affected?

You are affected by this incident if you have an account with our Moodle system and have logged in with VATSIM SSO. Note that upgrades to our Moodle have taken place over the years and some of these upgrades reset the user database. If you have never logged into Moodle with VATSIM SSO, you are not affected.

What are the impacts?

If you were affected by this incident, your email address may have been displayed on a publicly-accessible page on our Moodle and visible to all Moodle users. This was an obscure page and there is no evidence to suggest that more than a few people accessed it.

The page has been publicly-accessible for an unknown period of time, likely since July 2017.

There is a low probability that email addresses on this page were collected by marketing agencies. There is no evidence to suggest that this occurred. However, in this event, affected persons may receive spam or other malicious emails. If you receive any suspicious emails, you are recommended to avoid opening it or any attachments or links and either delete the email or use your email providers "report spam" function.

What did VATPAC do in response?

VATPAC took the following actions in response to this incident:

  • disabled the Moodle system immediately to prevent immediate access to the affected page
  • changed Moodle settings to prevent access to the affected page
  • restored service to Moodle
  • undertook an investigation into the circumstances that led to the incident

What is VATPAC doing to prevent this from happening again?

VATPAC has implemented the following measures to prevent similar incidents:

  • changed Moodle settings to prevent access to the affected page
  • reviewed other systems to ensure that they are configured correctly
  • reported the incident to VATSIM

Who can I contact with further concerns?

Tom Grozev, Director IT - it at vatpac dot org

  • Like 2
  • Thanks 1
Link to comment
Share on other sites

 Share

×
×
  • Create New...