• Replies 29 replies
  • Subscribers 389 subscribers
  • Views 1090 views
  • Users 0 members are here
Options
Related

If we need to do a data breach notification...

Jamie O'Brien
$organization

Preemptively, I'd like to flag that we should connect around strategy if it's appropriate for all WordFly-based orgs to reach out to our patrons about the ransomware data breach.

I have absolutely nothing deeper than that to say yet, but it occurred to me earlier today that, should we need to do this, a good number of tri-state area people may suddenly be on the receiving end of dozens of alarming notifications and make the issue feel even larger. A coordinated notification may be a better approach.

Should today's Town Hall reveal that we ought to pursue this, we'll spin up an initial Zoom or something along those lines.

Please go ahead and use this thread to note ideas or even just interest.

CC: to the NJ folks, and

Parents
  • $organization

    July 25 Zoom Recap:

    • We had 18 attendees representing about 12 organizations. (Possibly represents ~25% of area WordFly users.)
    • The unanimous view of all present is that we are still in a holding pattern re: any constituent communication.
      • No one present has concluded that the known data in question requires notification, and is not currently inclined to message about this. 
      • Without access to reconfirm our data fields within WordFly, it's hard to verify more.
      • Most/all present have not yet pursued any alternative email platform, so it also makes sense to allow for more time/knowledge while we don't have a ready way to communicate anyway.
      • We may want to reconvene in a week / when we have a more complete set of info.
    • There was, however, also a group consensus that a coordinated approach feels key, should things change. While we may (likely) will need to send independently, we'll want to collaborate to ensure that our patrons do not receive similar but varied explanations from us, as that's potentially very confusing.
    • Segmentation of who to notify, should notification become the plan, will be an important consideration. It could likely make sense to focus on those with a particular field of uploaded data, rather than all records.NYTUG WordFly Meeting Notes 7.25.22.docx.pdf

    A longer, more transcript-like set of notes is attached. Thanks to Lauren Cartelli for keeping up with conversation on her keyboard.

Reply
  • $organization

    July 25 Zoom Recap:

    • We had 18 attendees representing about 12 organizations. (Possibly represents ~25% of area WordFly users.)
    • The unanimous view of all present is that we are still in a holding pattern re: any constituent communication.
      • No one present has concluded that the known data in question requires notification, and is not currently inclined to message about this. 
      • Without access to reconfirm our data fields within WordFly, it's hard to verify more.
      • Most/all present have not yet pursued any alternative email platform, so it also makes sense to allow for more time/knowledge while we don't have a ready way to communicate anyway.
      • We may want to reconvene in a week / when we have a more complete set of info.
    • There was, however, also a group consensus that a coordinated approach feels key, should things change. While we may (likely) will need to send independently, we'll want to collaborate to ensure that our patrons do not receive similar but varied explanations from us, as that's potentially very confusing.
    • Segmentation of who to notify, should notification become the plan, will be an important consideration. It could likely make sense to focus on those with a particular field of uploaded data, rather than all records.NYTUG WordFly Meeting Notes 7.25.22.docx.pdf

    A longer, more transcript-like set of notes is attached. Thanks to Lauren Cartelli for keeping up with conversation on her keyboard.

Children
No Data