What can you tell us about yesterday and did anyone get into our files. What is currently going on and what will happen.Thank you

Earlier this morning the ANA staff became aware of an alleged hack into the association’s website, money.org. We appreciate the concerns this has caused among some of our members and apologize for any worry or inconvenience.

Why did the ANA website look and behave differently on Sunday, March 3?

Last Sunday, an ANA member added HTML code* to a personal blog post, causing several changes to occur on money.org. This code temporarily altered the website’s color and other graphic elements of the website. The code also caused music to automatically play on the website. [*HTML code is the basic language used in building a web page, allowing programmers to build content using text, links, images, videos and sound.]

Was my personal information compromised?

There is no indication that any member information was compromised, or at risk. The ANA uses a highly-secured database, separate of money.org, to contain and protect our member information. The offending member at no time had access to the ANA member database or the administrative area of money.org.

What happens now?

The code has been removed from the website, and changes are being implemented to prevent users from adding this type of code in the future. The ANA will also review the activity of the user in question and determine what steps should be taken next.

Once again, we are sorry for any concern this may have caused. Please know that your personal information with the ANA is safe and was at no time exposed.

If you have additional questions, please email us at webmaster@money.org  

Know that the ANA takes this violation - as well as the security of our members' information - very seriously. The user in question has been blocked from the money.org website, and appropriate actions are being taken.

Please rest assured that your information was not exposed. Despite what the offending member states, this is a case of website vandalism, not hacking.

We will update this thread as more information becomes available.

Update from Kim Kiick, ANA Executive Director:

After thorough cyber analysis, we have isolated this event. There was no threat to personal data. Rest assured that all issues dealt strictly with superficial elements (look and feel of the website). 

There were absolutely zero deeper security risks. We have made adjustments to the ANA website to avoid this sort of thing in the future.

Please refrain from using this forum for further conversation on this matter. The ANA Board has been notified and ANA will handle the investigation. If we need additional information from you, we will contact you.