Reply
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply

Take the site offline right now

Community Guru
Fergus M Member Since: May 23, 2015
11 of 18

There are screenshots on Facebook showing a different freelancer's name in the drop-down list. That looks very much like the system had them logged in as the other person. The fact is that with a screw-up of this magnitude none of us have any idea what was or was not at risk - and neither do Upwork. They simply haven't had enough time to investigate properly.

If liberty means anything at all, it means the right to tell people what they do not want to hear.― George Orwell
Community Guru
Petra R Member Since: Aug 3, 2011
12 of 18

@fergus M wrote:

There are screenshots on Facebook showing a different freelancer's name in the drop-down list.


 Fergus, I was also a male with a tie suddenly,  and I have screenshots too. Clicking on anything at all got me to that bit of my own profile. It was apparently fixed hours ago, and the site was down while they fixed it.

 

Was this a pretty major clusterbeep? No doubt.

 

Do I think my security is at this point in danger? Personally I do not.

 

Do I think this is being handled well? Not really, no.

 

I was, briefly, a man with a tie. I was in a part of his profile. Heaven knows who was in mine. That is "not a good thing"

 

A bit more than " we appreciate your patience" should have been forthcoming hours ago

 

 

 

Community Guru
Fergus M Member Since: May 23, 2015
13 of 18

"I was also a male with a tie suddenly"

 

So was I, once. Then I was a male in a uniform. Now I'm a freelancer, so I'm a male in whatever the hell I feel like wearing to work. If anything (sorry, Preston).

 

You're right; the response to this has been an utter shambles. I'm not complacent about security, because the site is clearly so screwed up at this point that I don't think anyone can say what has or hasn't been left vulnerable, but either way we should have been kept properly informed and not palmed off with the usual boilerplate.

If liberty means anything at all, it means the right to tell people what they do not want to hear.― George Orwell
Moderator
Valeria K Moderator Member Since: Mar 6, 2014
14 of 18

Hi Fergus and others,

 

Please, see Garnor's post here for more information about the issue. We apologize for the inconvenience and the delay with the response.

~ Valeria
Untitled
Community Guru
Fergus M Member Since: May 23, 2015
15 of 18

I'm afraid a forum post isn't very reassuring. Can you categorically guarantee that no user data was compromised, and do you intend to have a proper security audit carried out?

If liberty means anything at all, it means the right to tell people what they do not want to hear.― George Orwell
Ace Contributor
Pia M Member Since: Feb 26, 2015
16 of 18

The issue is NOT solved, see the screenshot. I cut the name out, but yep, that's actually my client.

Community Guru
Petra R Member Since: Aug 3, 2011
17 of 18

Pia, that isnot the same issue.

 

You are not logged into your client's account, you are (clearly) logged into yours.

Ace Contributor
Pia M Member Since: Feb 26, 2015
18 of 18

I am, that's true, but I shouldn't be seeing that in my account.

TOP SOLUTION AUTHORS
TOP KUDOED MEMBERS