British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members’ personal data.
Eugene Hopkinson, a former director and technology officer at British Mensa, stood down this week, claiming that the organization had failed to secure the data of its 18,000 members properly. He claimed that the stored passwords of Mensa members were not hashed.
The site has been hacked using one of the organization’s directors credentials. A Mensa member told the FT that the society had sent him his password in plain text within the past year. Hopkinson told the FT that the Mensa website held lots of sensitive information on its members, including payment details, instant messaging conversations and IQ scores of both current members and failed applicants.
A spokesperson for Mensa told the FT that member passwords had been encrypted and that the organization was in the process of hashing passwords. The spokesperson denied that passwords were ever sent out in plain text and that it had handed details of the cyber-attack to Britain’s Information Commissioner “with a view to pursuing a criminal investigation”.
The site is currently inaccessible.
Staying secure online is not a matter of being smart. Obviously!
Having a cybersecurity strategy and methodology is what ensures your safety.