A Boston-based non-profit organization that provides job training, JFYNetWorks, has notified (pdf) the New Hampshire Attorney General’s Office last week of a recent incident:
We recently learned of the possible unauthorized access as part of what appears to have been part of a larger attack on our organization, which occurred on June 3, 2009. The attacker gained access to one of our website applications, which was inadvertently accessible over the Internet, and proceeded to post obscene and inaccurate messages on our website (www.jfynetworks.org) and alter archived JFY press releases. That same day, the attacker sent email messages to three (3) of our program applicants (none of whom were New Hampshire residents) claiming that he had been able to acquire their personal information, including Social Security number, mailing address, email address, and in some cases, telephone number.
Information applicants would submit via the web site included names Social Security numbers, mailing addresses, and in some cases, telephone numbers and email addresses.