NOTE: This is a personal statement as the author of this blog. I do not speak for the ANA or any person and entity mentioned below. The ANA’s official statement can be read here, on their website
During the last few days, users of online numismatic forums have been reporting that their credit card information was stolen have conjectured that the recent technical issues that have caused problems with the American Numismatic Association website was to blame. Although the ANA website has had technical issue, there is no evidence that credit card or other personal information was compromised during this time.
Earlier this year, the ANA Board of Governors decided that it was time to consider upgrading their technology infrastructure to support growth of the organization and to support the new generation of members comfortable with being online. Working with the Governor Greg Lyon, a committee of ANA members with technical backgrounds was formed to advise the Board of Governors as to how to proceed. As a longtime critic of the ANA’s use of technology, I was asked to join the committee.
The committee consists of dedicated ANA members with a varied background in the technology industry. The committee is led by James Reinders of Intel with the Web Services Subcommittee chaired by Bill Hyder and I chair the Infrastructure Subcommittee—taking over from Jeff Shevlin who resigned to become the ANA’s Executive Director. For those who do not know, I have been working in the computing industry for over 30 years with over 20 years in information security, the last 15 years with the federal government.
The Technical Committee is answerable to the Board of Governors and required to provide periodic reports to the Board. A report was made during a Board session in Philadelphia that described the committee’s past, present, and future activities. One of those activities was advising the current ANA staff working on the issues that was experienced with the current website.
In working to resolve the issues, the Technical Committee found the ANA staff to be professional, competent, and capable. They were able to fix the problems and get the website back working to its full functionality overcoming some very interesting challenges. The issues the ANA staff faced was caused by issues with the technology and not with a security incident—there was no security incident.
It is unfortunate that attendees to the World’s Fair of Money had their credit card information stolen. I had this happen many years ago with a telephone credit card and had to deal with a bill full of overseas calls worth thousands of dollars. Even with the advances in fraud detection, I know that it is not only difficult to deal with and I know it feels like a virtual punch in the gut. However, the cause of their problem was NOT the ANA website.