The community of British Mensa, which is popularly known for its people with high IQs, they have failed to secure the passwords on their website properly and it has resulted in a massive heck of their sensitive credentials including their member’s personal data.
According to the former director and technology officer at British Mensa, Eugene Hopkinson has made a statement that the organization had failed to secure the data of its 18,000 members accurately, the report reads in the FT.
Hopkinson claimed, “that the stored passwords of Mensa members were not hashed, potentially allowing hackers to unscramble them”. The unprecedented security attack has become all the more serious this week when the people of the community acknowledged it had been the victim of a cyber attack. Currently, the Mensa website is unavailable and a message is displaying on the website which notifies that “site under maintenance”.
In an emergency directors’ meeting, a Mensa member told the FT that “it was confirmed that the Mensa site had been hacked this morning, using the credentials of one of the organization’s directors. It was also confirmed that there were lots of Mensa members’ passwords stored in plain text. The society had sent him his password in plain text within the past year”.
It has also been observed that several stashes of Mensa personal credentials have been posted onto the Pastebin website, whilst some data have been removed from the website.
Hopkinson told the FT that “the Mensa website held lots of sensitive information on its members, including payment details, instant messaging conversations, and IQ scores of both current members and failed applicants.
“If a breach is found to have taken place, I have no faith that the [Mensa] board and office will report it adequately... or take sufficient mitigating action to prevent further harm,” Hopkinson has written this in an open letter announcing his resignation. A fellow board member resigned in protest at the same issue. Meanwhile, a spokesperson for Mensa told the FT that “the data such as members’ passwords had been encrypted and that the organization was in the process of hashing passwords,”
Additionally, “the spokesperson has denied that passwords were ever sent out in plain text and that it had handed details of the cyberattack to Britain’s Information Commissioner with a view to pursuing a criminal investigation”.
Mensa is a non-profit organization, which is only open to those people who score high marks in standardized IQ test such as in the 98th percentile