Please see the message below I received from Vanilla:
We are writing to provide you with information regarding an incident that affected certain personal information of 122 of your organization’s Users.
Specifically, on December 16, 2022 at approximately 4 a.m. EST, we learned that a software update distributed by Higher Logic Vanilla to Subscribers 12 hours earlier, on December 15, 2022 at approximately 4 p.m. EST, resulted in a bug that inadvertently changed certain privacy settings from “private” to “public” for your Users, as we explain below.
After learning of the incident, we immediately launched an investigation and disabled the privacy preference feature, which reverted all settings for your users’ information to “private.” This feature was disabled by approximately 10:49 a.m. EST on December 16, 2022.
The incident affected the information that those 122 Users entered in the Subscriber-generated “Customer Profile Fields” that your organization set up in your Higher Logic Vanilla instance.
Our investigation of the impact of this incident on your organization is complete and we have remediated the issue. We have no reason to believe that the incident was caused by a bad actor, and we have no evidence that any data has been misused as a result of this incident.--
Brickset.com is a participant in the Amazon Services LLC Associates Program, the Amazon.com.ca, Inc. Associates Program and the Amazon EU Associates Programme, which are affiliate advertising programs designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.
As an Amazon Associate we earn from qualifying purchases.