Dear FACET Members, Partners and Supporters,
Following last week’s hacking of Chief Executive Officer Tracy Shea’s email account, FACET has taken immediate actions to protect our systems and community.
What We’ve Done
- We secured Tracy’s account as soon as the breach was identified, removed any attempted unauthorised access, changed her password and reset of two-factor authentication.
- We are still actively monitoring FACET’s systems for any unusual/suspicious activity.
- FACET has begun a broader review of digital security practices to ensure we are maintaining the strongest access controls, phishing detection, and internal cybersecurity training.
Next Steps
FACET has scoped a deeper forensic investigation to understand the full extent of the breach. While this work could provide more insight into the breach, it is incredibly expensive for a small organisation like ours. For now, we are continuing to focus on containment, prevention and building further cyber resilience. FACET will continue to assess the need for further investigation if more information becomes available.
How You Can Protect Yourself
To help protect against any possible follow-on risks, FACET has been advised of the following actions you can take to protect yourselves and your systems:
Stay Alert for Suspicious Emails
Always be wary of an email that requests personal details, financial action/info or asks for an urgent response. Be sure to double-check the email sender, look out for strange phrasing, and never click a link or open an attachment from an unknown source. FACET will never ever ask for passwords or sensitive information by email.
Use Strong Passwords and MFA
Make sure your passwords are complex (including a mix of uppercase letters, lowercase letters, numbers and special characters) and make sure you are not reusing passwords across accounts. If possible, use a password manager and enable multi-factor authentication (MFA).
Monitor Your Accounts
Regularly check your accounts for any unauthorised/suspicious activity. Identifying and acting quickly can help to minimise potential impacts.
Report Anything Suspicious
If you do receive a suspicious email or notice unusual activity that you think is related to this incident, please report it directly to Ryan Mossny at chair@facet.asn.au. Do not forward potentially harmful emails.
Please be assured that FACET does not see or keep any credit card details. Payments for our events are managed via Eventbrite, and Membership payments are managed via PayPal. These payment processes have not been compromised.
FACET remains committed to transparency, continuous improvement and protecting our valued members and partners.
Thanks for your understanding and support.
FACET Chair
Ryan Mossny
