ARRL SYSTEMS SERVICE DISRUPTION

[IK0ZCW]

"We are in the process of responding to a serious incident involving access to our network and headquarters-based systems", the ARRL notified on 16 May. "Several services, such as Logbook of The World (LoTW) and the ARRL Learning Center, are affected. Please know that restoring access is our highest priority, and we are expeditiously working with outside industry experts to address the issue. We appreciate your patience. This story will be updated with new developments" (see https://www.arrl.org/).

[IK0ZCW]

While LoTW is still down, the latest update (29 May) "includes information about the status of several services as we continue to respond to a serious incident involving access to our network and systems": https://www.arrl.org/news/arrl-systems-service-disruption

[IK0ZCW]

In its Member Bulletin dated 6 June, the ARRL informs "of a serious incident that has impacted ARRL's operations.
On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group. We immediately involved the FBI and engaged with third party experts to investigate.
On May 16, on the eve of the ARRL National Convention in Ohio, we posted a notice on our website to inform members about the incident. Since then, we have made substantial progress to mitigate the impact of this attack on our organization. We have been posting regular updates, including the status of restored services. Please refer to our dedicated news post at https://www.arrl.org/news/arrl-systems-service-disruption.
We are aware that certain members believe we should be openly communicating everything associated with this incident. We are working with industry experts, including cyber crime attorneys and the authorities, who have directed us to be conservative and cautious with our communications while restoring the ARRL network.
Many of our services and programs have been impacted by this attack. We have been diligently assessing each system to ascertain the extent of compromise.
For example, while the Logbook of The World server and related user data were unaffected, we have taken the precautionary measure of keeping the service offline until we can ensure the security and integrity of our networks. Similarly, access to Online DXCC is unavailable, although individual award data remains secure.
Fortunately, some of our key systems, such as the ARRL website and our association membership system, were unaffected. Despite the severity of the attack, no personal information was compromised. Additionally, ARRL does not store credit card information anywhere on our systems, and we do not collect social security numbers.
Our Directors have heard from some members who are concerned about managing their membership renewals. Members can renew online at http://www.arrl.org/join or by phoning ARRL.
We understand the frustration and inconvenience this incident has caused, and we sincerely appreciate your patience and understanding as our dedicated staff and partners continue to work tirelessly to restore affected systems and services. Thank you for your ongoing support".

[IK0ZCW]

"We are continuing to make progress on restoring the ARRL network and many related systems and databases", the latest update (14 June) reports. "While the Logbook of The World (LoTW) server, Online DXCC, and related user data are secure and unaffected, we have taken the precautionary measure of keeping the services offline until we can ensure the security and integrity of our networks". Read the complete update on https://www.arrl.org/news/arrl-systems-service-disruption.