Frequently Asked Question (FAQ)
Frequently Asked Question (FAQ)
Unauthorized Access to Our System


Notice of Unauthorized Access to Our System
Posted: August 30, 2023


This is a notification of an incident involving unauthorized access of information in our Form 990 Online system. Although we are not aware of any actual misuse of your information, we are providing notice to all of our customers about the incident so that you can take steps to protect yourself from any potential adverse actions from this unauthorized access. We have notified the IRS of this incident and they aware of what happened and they are in agreement with the steps we have taken to protect the information in the system.

What happened?

We detected that intruders had gained unauthorized access to our system. We took immediate steps to get them out of the system and block them from coming back in. At the same time we engaged a cybersecurity company to help us determine how they got in (so we can prevent it from happening again), how to permanently block them, and what information they were able to access while they were in the system. The investigation uncovered that they likely were able to retrieve all the data from the user table in our database. They also had access to other tables in our database, but, at this point, we do not have any definitive indication that they took any of that data.

What information was involved?

We know that they were able to access all the records in our user table. As a result, they were able to download the full name, Login ID, email address, organization name, address and phone number you used when you registered with our system. We encrypt all user passwords in our system using industry standard encryption algorithms, so, even though your password was included in the information that they extracted from the user table, it is very unlikely they will be able to use it because it is encrypted.

We do not ask for (or store) any other personal information in our system (i.e. credit card numbers, SSN numbers, account numbers, etc.) so they were not able to retrieve any of that type of information from the database. We also do not store your return information in our database. Based on the analysis from the cybersecurity company, the intruders had no access to the Form 990/State filings stored in our system.

Actions we have taken

We have corrected the problem in our firewall that the intruders used to gain access to our system. We have corrected the specific weaknesses in our software identified by the cybersecurity company that allowed the intruders to exploit the problem with our firewall and gain access our database. We also plan to engage a security firm to provide ongoing scanning, analysis and testing of our systems to prevent this from happening in the future.

Why this notification was delayed

The unauthorized access of our system occurred on May 12, 2023. We apologize that it has taken so long to notify you of this incident. Once we realized the unauthorized access occurred, we immediately blocked the intruder and hired a cybersecurity company to work with us to find out what happened and help us further secure our system. When we knew the cause and the system was fully secure, we informed the IRS of the incident so that they could evaluate what happened and our response and recovery. We held off notifying anyone else while the IRS investigated the incident with the understanding that disclosing it before their investigation was complete might interfere with their investigation. When the IRS investigation was complete, we notified our state Charity Bureau partners and worked with them so they understood what happened. All those steps took longer than we expected, and, as a result, this notification is being sent to you later than we hoped.

Steps you can take

Change Password: Even though we are confident the encrypted passwords that the intruders downloaded are secure, as a precaution, our system will require you to change your password the next time you log in. When you change your password, please make sure you create a new password that you do not use for other websites.

Beware of Phishing: Because we believe the intruders have our user�s names and email addresses, it is possible they could attempt to launch a phishing attack on our users. If you receive an email that appears to be from us, please verify the email address before taking any action. All emails from us will always come from the domain form990.org. Also, we will NEVER ask you for your password in any of our correspondence.

Additionally, if you receive an email that appears to be from our system that contains a link to our website, please make sure that the domain for our website is correct before clicking the link. Our website domain is form990.org (with no dashes or underscores). Our primary website URL is efile.form990.org, but www.form990.org is valid too.

If you are ever unsure about an email you receive from our system, please contact us at [email protected] and we will be able to confirm whether the email is a legitimate email from us or not.

If you have any questions

If you have any further questions about this unauthorized access incident, please email us at [email protected] (or just reply to this email). We would be happy to answer your questions and/or provide any additional information or support you need regarding this issue.



Please see our technical support page if you have questions or problems using this website.
Concerned about your privacy? Please view our privacy policy.
This website best viewed on a desktop or laptop/notebook computer with a screen resolution of 1024 X 768.
Copyright © 1999 - 2024 Civic Leadership Project, Inc. All rights reserved.
Last modified: September 29, 2024.