日本霊長類学会 Primate Society of Japan

日本霊長類学会 渉外担当理事より


If you made a payment to IPS using your credit/debit card between Oct. 23, 2017 and January 12, 2018, we strongly recommend that you stop the credit/debit card that you used. We have received reports of attempts to make unauthorized purchases on the cards of over 40 people who made payments on the IPS site. Some of these charges occurred as recently as today, so it is clear that the cybercriminals have stored the credit card numbers. LIFEVANTAGE and Nike seem to be favorite sites for unauthorized charges. If you are aware of attempts to use your card fraudulently, and you have not already let me know, please contact me.
We have addressed and corrected the problem, so it is unlikely that this will happen again. We plan to re-open credit card payments on Sunday evening, with considerable additional security measures in place.
Here is what seems to have happened:
The criminal(s) were inexplicably able to insert a bit of code (a file) into the IPS credit card payment code that instructed the IPS server to send out credit card numbers to the hacker’s email address. It is unclear how the hackers gained access to the IPS code. We found this file and deleted it, but obviously the credit card numbers are already out there.
What we have done to prevent a hack in the future:
Our webmaster has increased our security, setting up a protocol in which any code that is added to the IPS code results in her being alerted. Similarly, unauthorized emails can no longer be sent from the IPS server. These measures have been in place since Jan. 12, and we have seen no evidence of additional hacks, so we are confident that FUTURE charges on the IPS website will be secure. Remember, it seems likely that the thieves have the credit card numbers that you used between Oct. 23 and Jan. 12, and that is why we are recommending that you cancel your card. The inconvenience of changing card numbers is small compared to the inconvenience of arguing about unauthorized charges. Better safe than sorry.
All membership dues and Congress registration payments went through fine, so you don’t have to worry about those.
It seems unlikely that this episode will result in criminal charges, but we still want to keep track of attempted unauthorized charges. Perhaps the FBI will be able to work back from LIFEVANTAGE or Nike to identify the perpetrators.
Please accept our apologies for the inconvenience and let me know if you have any questions.

Steve Schapiro, Ph.D.
Treasurer, International Primatological Society







IPS has been hacked. The FBI is being alerted and the investigation is underway.
The membership site will be temporarily unavailable until we have solved the problem.
The conference registration site will be temporarily unavailable until we have solved the problem.
Check your credit card statements to make sure that unauthorized charges have not occurred. Notify me immediately if unauthorized activity has occurred.
Abstract submission is fine and all Congress registrations have been processed.
Your IPS username and password are secure. The hack was into the ‘code’ of our server and was isolated to credit card information.
I will update you as we know more.
Let me know if you have questions.
Steve Schapiro, Ph.D.
Treasurer, International Primatological Society



国際霊長類学会 経理担当