Security Breach in MyAmeriCorps Portal
Greetings HandsOn Corps Members,
Below is an excerpt of a letter sent by Patrick Corvington, CEO, CNCS regarding the access vulnerability or security breach of the MyAmeriCorps portal:
“The Corporation for National and Community Service has discovered and corrected access vulnerabilities in the MyAmeriCorps portal website that may have created the potential for others to view personal information of program applicants and participants. We greatly value the privacy of all our program participants and applicants, and are implementing measures to strengthen the system.
The vulnerabilities, which date back to 2006, would not have caused personal information to be exposed in the normal operation of the portal. Rather, someone would have had to manipulate the web URL, or know a person’s unique log-in name and use a specific technique to bypass the required password. If this occurred, personal information that was entered into the system potentially could have been seen. For example, a person’s name, address, and last four digits of social security number, or full social security number if someone received a W2 or 1099, may have been viewed.
To ensure the highest degree of caution and care, we are notifying all AmeriCorps applicants and participants with records in the system – including State and National, VISTA, and NCCC – and offering them a full range of support services. These services, which are outlined in a letter mailed to their homes today, include an 800 number hotline, and the opportunity to sign up for a one-year membership in a credit monitoring and identity theft protection program at no cost.”
Also, below are links for more information should you desire it.