<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>I thought the eight-digit code we got every time we logged in to
the website was our 2FA for each login.</p>
<p>Perhaps, if there is an intended rule to be put in place, that
this is put in the agenda for September?</p>
<div class="moz-signature"><font size="3">
<b>Jake Leonard</b></font><br>
<font size="2">
<b><font color="black">Interim Chairman and Executive Director</font>
| <font color="#12AD2B">ChrisMont Libertarian Central
Committee</font></b> (<i>Christian County, Montgomery County</i>)<br>
<i><b>Congress</b>: 15</i> | <i><b>Montgomery County</b>:
Illinois Senate 54/55, Illinois House 107/108/110</i> | <i><b>Christian
County</b>: Illinois Senate 48/54, Illinois House
95/96/107/108</i><br>
<br>
<b><font color="black">Political Director</font> | <font
color="#12AD2B">Libertarian Party of Illinois</font></b><br>
800 Capps Ave. | Nokomis, IL 62075-1415<br>
<b>Mobile</b>: <a href="tel:2175659709">(217) 565-9709</a> | <a
href="tel:2175659273">(217) 565-9273</a> || <b>Work</b>: <a
href="tel:2175694230,700">(217) 569-4230 ext. 700</a> | <a
href="tel:2177185281">(217) 718-5281</a> || <b>Fax</b>: <a
href="tel:2177178079">(217) 717-8079</a>
</font><br>
<br>
<br>
</div>
<div class="moz-cite-prefix">On 8/29/2023 11:56 AM, Matthew Piron
via Lpil-bod wrote:<br>
</div>
<blockquote type="cite"
cite="mid:991823eb-bc3a-45b5-a4c5-a9c786cf88fa@email.android.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="auto">The most serious breach would be if an outside
actor gained access to the CRM. Perhaps we could look into the
possibility of two factor authentication for CRM access? Also,
perhaps a rule should be introduced that any official LP
business being discussed on one to one basis be conducted over
phone or video conference call?
<div dir="auto"><br>
</div>
<div dir="auto">-Matthew Piron</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Aug 28, 2023 8:10 PM, Alexa Maffei
via Lpil-bod <a class="moz-txt-link-rfc2396E" href="mailto:lpil-bod@lists.lpillinois.org"><lpil-bod@lists.lpillinois.org></a> wrote:<br
type="attribution">
<blockquote class="quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="font-size:10pt;font-family:'verdana' , 'geneva'
, sans-serif">
<div style="margin:0;padding:0;font-family:monospace">I
actually think this is a serious problem that we really
need to look further into and if I'm being honest, I'm a
little concerned by people's lack of concern. I would've
brought it up to discuss at the last BOD meeting, but I
couldn't attend due to it conflicting with another
libertarian meeting. I agree with Ken that information
security violations are going to happen; however,
there's a difference between getting a suspicious email
telling you to click a link to 'find hot singles in your
area' and someone reaching out to several people in
leadership and successfully impersonating the leader of
our state party. This is the phishing email I (and
others) received:</div>
<div style="margin:0;padding:0;font-family:monospace"> </div>
<div style="margin:0;padding:0;font-family:monospace"><img
src="cid:169327141264ed45743f815493419499@lpillinois.org" alt=""
moz-do-not-send="true" width="573" height="289"></div>
<div style="margin:0;padding:0;font-family:monospace"> </div>
<div style="margin:0;padding:0;font-family:monospace">In
hindsight, it's definitely strange, but there are no red
flags within the message itself like misspelled words,
weird links or attachments, requests for personal info,
or anything seemingly nefarious or suspicious. At my
job, I regularly work with datasets containing social
security numbers and my company occasionally sends out
fake phishing emails as tests to ensure tech employees
like myself report anything suspicious. Yet I didn't
realize this was actually a phishing attempt until Bob
mentioned it to me offhand a little over a week ago. We
need to figure out what happened here and probably look
into taking some additional measures to ensure sensitive
information is not compromised.<br>
<br>
Best,<br>
Alexa</div>
<div style="margin:0;padding:0;font-family:monospace">
<div>---<br>
<div style="margin:0;padding:0;font-family:monospace"><span
style="font-size:10pt;font-family:'tahoma' ,
'arial' , 'helvetica' , sans-serif">Alexa Maffei</span><br>
<span style="font-size:10pt;font-family:'tahoma' ,
'arial' , 'helvetica' , sans-serif"> State Central
Committee Rep, 10th District</span><br>
<span style="font-size:10pt;font-family:'tahoma' ,
'arial' , 'helvetica' , sans-serif"> Libertarian
Party of Illinois</span><br>
<span style="font-size:10pt;font-family:'tahoma' ,
'arial' , 'helvetica' , sans-serif"> <a
href="mailto:scc10@lpillinois.org"
moz-do-not-send="true"
class="moz-txt-link-freetext">scc10@lpillinois.org</a></span><br>
<span style="font-size:10pt;font-family:'tahoma' ,
'arial' , 'helvetica' , sans-serif"> (815)
274-1976</span></div>
</div>
<br>
<br>
On 2023-08-20 23:36, Ken Mattes via Lpil-bod wrote:
<blockquote style="padding:0 0.4em;border-left:#1010ff
2px solid;margin:0">In my volunteer work with the
McHenry County EMA I am privy to sensitive
information, as it is with my work with LPIL.<br>
<br>
Cyberterror is our region's top threat by far. Drought
is way behind in second place. Both of these threats
have a 100% chance of happening; in other words, these
things WILL happen; it's not a question of if; it is a
question of when and where.<br>
<br>
The Board of Directors of the Libertarian Party of
Illinois is comprised of some of the best individuals
I have ever meet. Not a single one of us would ever
ask any of you to do anything surrepticiously. Our
team does not operate that way.<br>
<br>
Please contine to report any scurrilous messages or
emails to our team, and attach screenshots if you can.<br>
<br>
On 2023-08-20 21:15, Justin Tucker via Lpil-bod wrote:
<blockquote style="padding:0 0.4em;border-left:#1010ff
2px solid;margin:0">Team - It has come to my
attention that several people have received emails
seemingly from Bill Redpath and possibly other board
members with no subject line vaguely asking them to
chat a little via email. This is actually a phishing
attempt. Do not open the email. If you have done so
already, do not respond, and absolutely do not
provide any personal information, click on any
links, or download any attachments in it. If you
suspect an email you've received could be
suspicious, hover over the sender's name. A pop-up
with their email address will appear. If it isn't <a
href="mailto:chair@lpillinois.org"
moz-do-not-send="true"
class="moz-txt-link-freetext">chair@lpillinois.org</a>
or <a href="mailto:wredpath2@yahoo.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">wredpath2@yahoo.com</a>,
it is not Bill Redpath. Someone received one from a
Gmail account called officemaile712.<br>
<br>
If you have received or receive an email like I
described or any email that you find suspicious,
please let me know as soon as possible.<br>
<br>
Best,<br>
Justin Tucker<br>
Executive Director, Libertarian Party of Illinois</blockquote>
<br>
-- <br>
Ken Mattes<br>
Secretary, Libertarian Party of Illinois<br>
<a href="mailto:secretary@lpillinois.org"
moz-do-not-send="true" class="moz-txt-link-freetext">secretary@lpillinois.org</a><br>
815 342 5177</blockquote>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
<div id="DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br /><table style="border-top: 1px solid #D3D4DE;"><tr><td style="width: 55px; padding-top: 13px;"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" target="_blank"><img src="https://s-install.avcdn.net/ipm/preview/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" alt="" width="46" height="29" style="width: 46px; height: 29px;"/></a></td><td style="width: 470px; padding-top: 12px; color: #41424e; font-size: 13px; font-family: Arial, Helvetica, sans-serif; line-height: 18px;">Virus-free.<a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" target="_blank" style="color: #4453ea;">www.avast.com</a></td></tr></table><a href="#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"> </a></div></body>
</html>