I signed up for elance a few years ago when I was looking for work and thought of doing a little consulting. I never really saw any decent paying work on their site and really kinda forgot about them until I received this e-mail today.
Dear xxxx,
We recently learned that certain Elance user information was accessed without authorization, including potentially yours. The data accessed was contact information — specifically name, email address, telephone number, city location and Elance login information (passwords were protected with encryption). This incident did NOT involve any credit card, bank account, social security or tax ID numbers.
We have remedied the cause of the breach and are working with appropriate authorities. We have also implemented additional security measures and have strengthened password requirements to protect all of our users.
We sincerely regret any inconvenience or disruption this may cause.
If you have any unanswered questions and for ongoing information about this matter, please visit this page in our Trust & Safety center: http://www.elance.com/p/trust/account_security.html
For information on re-setting your password, visit: http://help.elance.com/forums/30969/entries/47262
Thank you for your understanding,
Michael Culver
Vice President
Elance
I commend them for going public with this rather embarrassing story, a lot of companies hide these events. However, I’m annoyed that all these companies that retain this kind of data really only care about security after this kind of thing happens.
6 responses so far ↓
1 Alexander Kornbrust // Jul 20, 2009 at 4:46 am
Here some additional information:
Elance lied in their email (something I hate). They lost also the creditcard numbers too. My creditcard (details see blog.red-database-security.com) was stolen from their website and 1 day later abused. Mastercard locked my card already.
2 James // Jul 20, 2009 at 6:36 am
They have to disclose breaches because of government regulation.
3 Cody // Jul 22, 2009 at 9:58 pm
Luckily for me I hadn’t entered my CC information.
Hopefully the CC company doesn’t give you too much grief!
4 Kristi Patrice Carter // Feb 2, 2010 at 6:07 pm
I am sorry that you didn’t have any success with Elance however I strongly suggest that you give them another go-around. I personally have completed over 700 projects to date and I know many providers that are making good money with Elance.
The thing about Elance is that it caters to quality providers and buyers and you really have to market yourself effectively to make it work for you.
Here are some tips:
-Always submit individualized proposals that address the buyer’s specific requests. Highlight your skills effectively and don’t be afraid to provide additional information via the private message board.
-Only submit proposals for reputable buyers that have a proven history of paying their contractors and awarding projects.
- Don’t be afraid to ask for 1/2 down and the balance upon project completion.
-Protect yourself with a written contract.
- Know your worth and remain competitive. If you have to lowball in order to get your first project, establish a reputation or get a long term gig, then don’t be embarrassed. Many Elance providers have done that in the past – just don’t consistently undervalue your work. It affects your morale, drive and lowers buyers’ expectations.
Lastly but most importantly, HAVE FUN and NEVER GIVE UP!
5 Kristi Patrice Carter // Feb 2, 2010 at 6:08 pm
Another point -
Elance takes security very seriously and I think it was very professional and smart for them to quickly inform users of the problems and then fix the security issue FAST! Don’t you?
6 Cody // Apr 25, 2010 at 9:22 am
Kristi: You obviously work for elance. However, I chose not to flag your comments as spam, even though they clearly are.
Elance has a tough battle ahead after not one but TWO security failures last summer. I hope they’ve hired a good security officer and are putting better protection in place. I will likely never use them again.
Leave a Comment