Statement on the potential security incident on AIESEC platform

with No Comments

Montreal, Canada, January 21, 2019 – On Friday, January 12, 2019, AIESEC’s internal administrators were notified about a minor data breach affecting 40 of our system’s users. We immediately closed the vulnerability in our system.

No critical information such as passwords or financial data were compromised.

Over the weekend, AIESEC did a full assessment of our infrastructure and security systems to ensure that no further vulnerabilities are present in our system. We also confirmed that no more than 40 users were affected by this.

On Monday, January 14, 2019, we verified and contacted all users affected. We then submitted a full report on the Dutch Data Protection Authority and consulted with our GDPR lawyers. We then filed this case in our Internal Data Breach Registry and marked the case as closed.

AIESEC places the protection of our customer’s data with extreme importance and has implemented necessary improvements to ensure that such a case will not occur again such as including an update on our internal processes regarding system security.


About AIESEC:

AIESEC is a global platform for young people to develop their leadership potential through international internships and volunteer opportunities. Since AIESEC was founded in 1948, the organization has engaged and developed over 1,000,000 young people globally through international placements and membership opportunities. AIESEC is a youth-run, non-governmental, and not-for-profit organization in consultative status with the United Nations Economic and Social Council (ECOSOC), affiliated with the UN DPI, member of ICMYO, and is recognized by UNESCO.

 

For more information, please contact:
Agnieszka Okroj, AIESEC, agao@ai.aiesec.org
Laurin Lukas Stahl, AIESEC, laurinl@ai.aiesec.org

 

13