We had a rough couple of days on the Macaulay websites!  I sent the letter below to the community today–but I thought I would post it here, too, in case anyone missed it.

To the Macaulay Community,

You may have noticed that on Monday and Tuesday of this week, some of the Macaulay websites were inaccessible or carried confusing warning messages in your browser.

The first thing we want you to know is that there was no compromise of your personal data at all.  No files were lost, none of your posts were deleted, all your work was safe and no unwanted software was installed on your computer.

Sometime overnight on Sunday, a malicious hacker attempted to insert a script (which would serve spam to anyone visiting the site) into our web server.  Google constantly combs sites to identify such malicious scripts, and that is why the warnings (which got picked up by most browsers) began on Monday morning.  In order to protect all visitors, we immediately disabled access to the site while we made absolutely sure that there was no security breach and that all possible vulnerabilities were, in fact, closed.

The process of meticulously checking everything on the site and then having Google certify that the site was completely clean took some time, and this meant that for most of Monday and some of Tuesday, our eportfolios, class websites, internship listings, event RSVP system, and other Macaulay-hosted services had to remain inaccessible. We are back up and running now.

Attacks like this are unfortunately one of the common dangers of the digital world these days–but all of our security measures were successful, and even though we experienced some inconvenience, we achieved our goal of protecting our students and all of our community.

If you have any questions or concerns, please feel free to email me at joseph.ugoretz@mhc.cuny.edu.

Have you had a comment on your eportfolio yet? Or left one on somebody else’s?  The best way to get comments is to give comments, and it’s one of the real strengths of our system that you can comment on just about anything you read (of course, the eportfolio owner can decide not to allow comments, or to delete them after you post them, or to respond in comennts of her own).

CommentsIt’s a great thrill to know that someone else is reading what you write, looking over what you post, helping you to reflect on your work and experiences.  My own first “outsider” comment on my personal blog is from April, 2004 (a month after I started the blog).  It was just a simple comment on a post about conflicting anti-virus software, but it was terrific to think that something I wrote helped someone else.  Some of my other “much-commented” posts were about being Jewish at Christmas-time, about digital poetry projects and online learning, even (go figure!) about custom wiring iPhone earbuds.  You never know what will strike a chord with someone else–and often those comments give me ideas that I never would have before, and they let me know I’m in a larger conversation.

Of course, being open to comments means that you will get some “spam” comments.  Watch for those–they sometimes say something like “I liked your post” (with a name that links to some kind of spammy website), but sometimes they’re actively commercial, or even actively offensive.  We do what we can to prevent them on the level of our eportfolio system.  Some will slip through, though, so you can just mark them as spam in your dashboard and delete them.

So go out there and comment on someone’s eportfolio or blog! And look forward to some real comments on yours!  If you have questions or ideas about commenting, or about eportfolios more generally, you can always talk to your friendly neighborhood ITF.  Or even leave…a comment…right here!