Reply
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply

Take the site offline right now

Highlighted
Community Guru
Fergus M Member Since: May 23, 2015
1 of 18

People are logging in and being directed to another user's profile. This is a catastrophic security failure. You need to take the site completely offline and start an immediate investigation into what went wrong and what its full data security implications are. Then it needs to stay offline until the problem is fixed and anyone whose data has been compromised has been informed.

 

Please do not reassure us that there's nothing to worry about, because at this point in time you do not know that.

 

 

If liberty means anything at all, it means the right to tell people what they do not want to hear.― George Orwell
Highlighted
Ace Contributor
Anil N Member Since: Aug 21, 2013
2 of 18

Yes this is a BIG security glitch. The worst. You are right, they should have got the site offline while the secured the user accounts.

 

They work on the assumption that the user's KNOW NOT. That needs to change.

 

Upwork does not operate like a profession organisation.

 

Regards,

 

Anil

Highlighted
Ace Contributor
Jennifer S Member Since: Dec 16, 2014
3 of 18

Agreed, but we shouldn't have to wait to get our money sitting in Pending. Facebook is full of people putting other profiles up that are not theirs! What say you UPWORKS?

Highlighted
Active Member
Andrew S Member Since: Aug 19, 2015
4 of 18

They've already answered:
"We are currently experiencing technical difficulties with the Upwork website. Our technical team is investigating the issue and we will be back up as soon as possible. Apologies for the interruption!"

 

They're investigating. So they don't have time to care about our account privacy. They have more important things to do. For example, change one more menu item or color of something or whatever else they think corresponds to "advanced technology".

Highlighted
Ace Contributor
Jennifer S Member Since: Dec 16, 2014
5 of 18

Matter of fact, what in the world am I paying you guys a couple hundred a month for? I have to have alternate contacts because you are constantly down, constantly have bugs, issues that you are WORKING on. And now, others are logging into my profile (makes sense if I am logging into another's.) Biggest Fail yet, but hey, let's send out more surveys to see how much you can bleed me for.... See that profile? My profile hasn't been on in months and it won't be again. Slowly moving away from this soddy platform. Just over it. The other feed about this you have edited almost every screen shot, but what of facebook? While you were editing, you could have given us an explanation or better yet, a heads up (email) and shut the site down. But instead you let it run and tell us that what you are sprinkling on our heads is rain. OVER IT!

 

Be glad that freelancers can run businesses better than You (Upworks) can. My success here has not been because of you, but in spite of you, understand that.

Highlighted
Active Member
Ilia Z Member Since: Jun 28, 2015
6 of 18

Of course, new colors and headers are great. And new message system is so exciting. But maybe Upwork team guys should stop fooling around and fix bugs at first? It becomes difficult to communicate with clients and to use this portal. Stop testing on production server please.

Highlighted
Ace Contributor
Mark G Member Since: Jan 25, 2015
7 of 18

Enough is enough. Upwork need to take the time to address these issues. This has become a near daily occurrence. The majority of my income is from work through Upwork - Upwork get a hell of a lot of money from me. Is it really so unreasonable to ask for a reliable site? After all, this is a big site used by a lot of freelancers and clients.

 

Upwork makes an awful lot of money and needs to invest in creating a site that at the very least doesn't have bugs. Forget the silly cosmetic changes and all of these things that we don't ask for (eg - job success score). Listen to those who are earning you money and improve Upwork. Otherwise it's quite clear that you will lose clients and freelancers alike. Sick of hearing these same apologies and excuses. It's time for action.

Highlighted
Community Guru
Fergus M Member Since: May 23, 2015
8 of 18

People are now posting screenshots on Facebook showing themselves logged in to someone else's account. This is not a "profile issue". It is a massive security fail. Our data is potentially compromised. Why is Upwork still online?

If liberty means anything at all, it means the right to tell people what they do not want to hear.― George Orwell
Highlighted
Community Guru
Petra R Member Since: Aug 3, 2011
9 of 18

It was fixed hours ago, or at least I was told it was, and the site was offline a while, no?

 

I ended up in the jobfeed page of another account but clicking on anything got me into that part of my own.

 

In other words the first page had some male person's, but clicking on anything else went to the "anything else" of mine. Sensitive info is security question protected.

 

So, peeved as I am about it, I don't think anything serious was at risk

 

I only  noticed because I saw "2 active candidacies" and was confused, as I ended them all and set myself to unavailabe this morning. So I clicked on it and saw that I (in my account) had none. So I clicked "back" and realised I was in another account. However, clicking onto anything else just got me to my own "anything else"

Highlighted
Community Guru
Pandora H Member Since: May 11, 2010
10 of 18

Based on my own experince with the "who is that masked man in my profile", and the info I received from one of the 2 support tickets I sent:

 

The glitch with "other peoples account data" showing up in our accounts was mostly (I say most  because I don't trust Support) a cosmetic glitch. There were other cosmetic issues too, such as pages loading with no content, (most job pages), the nav bar was completly missing, and then super slow load times and Cloudflare pages here and there. 

 

The worst glitch seems to be a broken job proposal, that I still as of this afternoon, can't access.

 

1. Every single working (lots of pages loaded with "krikey", Cloudflare, or simply a white empty page) link took me to things in my own personal account.

 

2. Pages would not load left, right and center. In fact, even after the "profile glitch" thing went away, the site was so broken I logged out and did other stuff.

 

3. The nav bar was missing a lot. Thank goodness I have like 17 bookmarks to all sorts of different "pages" on Upwork.

 

4. I spent almost 2 solid hours wading through this crap this morning, because after the initial shock, I realized I had a job invite that I wanted to respond to, but even at 3:30 this afternoon, can't.

 

It shocks me that Upwork didn't take the site offline during THEIR morning shift, and fix these problems right then and there.

TOP SOLUTION AUTHORS
TOP KUDOED MEMBERS