Evite recently became aware of a data security incident involving an inactive data storage file associated with Evite user accounts. No user information more recent than 2013 was contained in the file. We explain the circumstances as we understand them below, along with the steps we are undertaking to address the situation.
If you have additional questions about the incident, we encourage you to access our Help site. Or you can leave a voicemail at the number below:
United States: (833) 384 8312
We sincerely regret any inconvenience or concern caused by this incident. We are committed to protecting your information and maintaining your trust and confidence.
We became aware of a data security incident involving potential unauthorized access to our systems in April 2019. We engaged one of the leading data security firms and launched a thorough investigation. The investigation potentially traced the incident to malicious activity starting on February 22, 2019. On May 14, 2019, we concluded that an unauthorized party had acquired an inactive data storage file associated with our user accounts.
What actions are you taking in response to this incident?
Upon discovering the incident, we took steps to understand the nature and scope of the issue, and brought in external forensic consultants that specialize in cyber-attacks. We coordinated with law enforcement regarding the incident, and are working with leading security experts to address any vulnerabilities.
We continue to monitor our systems for unauthorized access, have introduced additional security measures, and have reset passwords for all affected users. If your password was reset you will be prompted to enter a new password on your next log-in.
What data was involved?
Potentially affected information could include names, usernames, email addresses, passwords, and, if optionally provided to us, dates of birth, phone numbers, and mailing addresses.
Were Social Security numbers affected by this incident?
No, we do not collect Social Security Numbers from users of our site.
Was any financial or payment data affected?
No. We do not store financial or payment information. If you opted to store your payment card in your account, your payment information is maintained by and stored on the internal systems of our third-party vendor.
Has the issue been resolved?
While perfect security can never be assured, we have worked with an outside security expert to address the vulnerabilities and remediate the incident.
What is Evite doing to protect my information?
Once we became aware of the incident, we quickly took steps to determine the nature and scope of the issue. We are working with a leading data security firm to assist in our investigation and remediation. We have also notified and are coordinating with law enforcement authorities.
We are taking steps to protect our users, including the following:
- We are notifying Evite users to provide information on how they can protect their data.
- We will be requiring Evite users to change their passwords and urge users to do so immediately. Instructions about how to change your password are below.
- We continue to monitor for suspicious activity and to coordinate with law enforcement activities.
- We continue to make enhancements to our systems to detect and prevent unauthorized access to user information.
I think I received an email about this issue. How do I know it is really from Evite?
Emails regarding this issue were sent to users whose personal data was stored in the inactive data storage file that was acquired by the unauthorized party. Please note that the email from Evite does not ask you to click on any links or contain attachments and does not request your personal data. If the email you received about this issue prompts you to click on a link, suggests you download an attachment, or asks you for information, the email was not sent by Evite and may be an attempt to steal your personal data. Avoid clicking on links or downloading attachments from such suspicious emails.
What should I do to protect my information?
We take our obligation to safeguard your personal data very seriously and are alerting you about this issue so you can take steps to help protect your information. We recommend you:
- Change your password for any other account on which you used the same or similar information used for your Evite account.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.
- Avoid clicking on links or downloading attachments from suspicious emails.
How do I change my password?
You can change your password via the following methods:
- If you are currently logged in, you can change the password for your account on the Update Password Page in your Account Settings.
- If you've forgotten or misplaced your password, please go to the Reset Password link on our Login page and follow the prompts
These instructions can always be found on our "Account Inquiries" Help Page in our Help Center.