As some of you noticed, ChoralNet was down for most of Monday night and into Tuesday due to a server security breach. Everything should now be back to normal, and those of you subscribing to daily index/digests and the ChoralNet Daily will receive your copies as usual beginning tonight (they might be a bit big...be warned!).

 

 

In routine monitoring, we noticed unusual activity on our mail server, and the creation of a login to the management system we use for handling the ChoralNet source code that neither of us who have full access to the server created. At the same time, we also observed that mail to Yahoo users was being deferred due to unusual activity and user complaints. As a result of all of this, we elected to pull the ChoralNet server off the network to limit damage, and rebuild the server from "bare metal" as quickly as possible to restore full and safe service.

 

According to our logs, we were likely compromised by or through one or more servers in Italy, though it is impossible for us to determine the exact extent to which those servers had access to our system. If you received any spam or apparent spam from a ChoralNet address, especially on Sunday or Monday, we'd like to know. Please contact me and send me a copy of the message, including full headers if you know how to view and copy them.

 

Fortunately, neither our database nor site source code appear to have been compromised, and we have taken measures to further harden our already-tight server security. Also, no financial data was (ever) stored on the ChoralNet server.

 

We apologize for the disruption in service and thank you for your patience.