September 22, 2022
Please read email below from IAFF District VP McGhee on issue with IAFF website. Please contact Bob Nicks if you have any questions or concerns.
Brothers and Sisters.
On September 9, 2022, the IAFF Executive Board was informed that someone had taken control of the IAFF IT/IS infrastructure. Many of our IAFF systems that run our in-house servers are inoperable and are now held hostage by an unknown source.
This critical cyber incident has affected and compromised everything from our internal membership database to the VOIP phone systems at IAFF Headquarters.
The Executive Board has been told that staff and outside consultants are working to resolve these issues but no timeline for restoration has been provided.
URGENT: If you have or had an IAFF.org online account you should immediately locate the email and password used to login and consider that password compromised. You should cease use of that password anywhere else online and not use it, or a form of it, again.
I have been provided minimal additional information as of this date. However, in consideration of the serious nature of this cyber event and the multitude of systems involved, I am advising all Local Presidents to share this message immediately with their membership as many of our rank and file members have IAFF.org accounts, emails, and registered passwords.
Please consider this a good reminder to update your own local’s cyber security policies, passwords, two-factor authentication protocols, and internal social media systems.
While my information on the technical side of this cyber event is limited, please don’t hesitate to reach out to me directly with any questions or additional concerns.
Roy L. “Sandy” McGhee
IAFF District 11 Vice President