Author: Tom Kulzer (AWeber CEO)

Email Subscriber Data Accessed; What We’re Doing About It

By Tom Kulzer (AWeber CEO)

Tuesday, October 19, 2010

Over the weekend, AWeber was the target of a deliberate and successful attempt to mine email addresses.

On Saturday, October 16th, an unknown person gained unauthorized access to databases containing email subscriber information.

This incident appears to be part of a broader series of similar successful attacks on a number of email service providers (ESPs).

What Information Was Compromised?

A download of subscribers’ email addresses was initiated.

While we can’t tell whether it completed successfully, we have to assume that it did.

It’s also important in a situation like this to take stock of what information was not accessed.

The attackers did not gain access to credit card numbers, customers’ email or postal addresses, affiliates’ tax IDs nor any other contact information about AWeber customers or affiliates.

What Does AWeber Do To Protect Your Data? What About This Incident?

On a daily basis, a few thousand attempts are made to attack AWeber. This sounds like a lot (and it is), but it’s no different at any other sizable web-based application.

We use a combination of in-house and third-party security solutions to scan our network for possible “holes” in security, and to monitor, block and analyze the many attempts made to gain unauthorized access to AWeber. On the whole, these solutions are very good at what they do and this approach serves us well. Unfortunately, both the in-house and third-party solutions failed to detect or stop this particular attack.

We became aware of the incident on Monday, October 18th and immediately began an investigation to identify and close the vulnerability that was exploited. We closed the vulnerability promptly and are now analyzing why neither our in-house or outsourced security solutions identified it before the incident occurred.

We continue to invest significant resources into enhancing our current security and implementing new security measures to combat future attacks. We are also working with other ESPs who have been similarly attacked to share knowledge and better secure the email marketing industry as a whole.

Questions? Please Contact Us.

Those wishing to reach us with specific questions regarding this attack are encouraged to call our Customer Solutions Team, who will immediately address your concerns.

US Phone: 877-AWEBER-1
International Phone: +1 215-825-2196
Email: http://www.aweber.com/contact-us.htm

We’re Sorry

I – and all of us at AWeber – understand that trust is hard to come by online, not only for us, but for you as well.

Your subscribers trust you with their email address, and trust that you will treat that address and their permission to be emailed with the utmost care. While most of them will not notice any changes to their inboxes as a result of this incident, we take that trust, and what has happened, seriously.

We take all the measures we can to protect your account (some of those are discussed above), and I’m sorry that this incident occurred.

Tom KulzerRemorsefully,
Tom Kulzer
CEO & Founder
AWeber Communications

Eudora Email Client Breaks HTML Links Without Quotes

By Tom Kulzer (AWeber CEO)

Broken HTML LinksLooking into an odd problem this morning for a client, I discovered that some email clients are better at handling malformed HTML links than others.

The client had a link in their HTML message that was missing quotes around the URL.

Incorrect:

<a href=http://www.example.com?test=mylink>Read more</a>

Correct:

<a href="http://www.example.com?test=mylink">Read more</a>

Both links worked find when tested in popular webmail clients like Yahoo, Gmail, and Hotmail. Unfortunately less popular email clients like Eudora Mail will break the link.

Technically a link without quotes is improper HTML usage, but most email clients do handle it just fine which can cause the error to go unnoticed.

Twitter Tweet This

AWeber 10th Anniversary

By Tom Kulzer (AWeber CEO)

This month marks the 10th anniversary of AWeber since our first customer back in August 1998.

You might think that after 10 years things around here would be business as usual. It’s anything but with constant new feature releases, hardware upgrades, new team members joining, and the thousands of small businesses like yourself that we work with every day.

What better way to celebrate the past and look forward to the future than to look at some of the many stages of change we’ve had over the years?

Website

1998, 2002, 2006, 2008:

1998 Website2002 Website2007 Website2008 Website

Screen shots above taken from captured site content on the Internet Archive Wayback Machine. Click through to take a look at some of the other designs we’ve had over the years.

Computer Servers

Single Cabinet Facility

Single Cabinet Colo

Dual Cabinet Expansion

2 Cabinet Colo

Cage Buildout

Cage Buildout

Buildout Complete

A few of our huge storage servers making up over 30 terabytes of storage.

servers1servers2servers3

Thank You

At the end of the day though AWeber’s success is due to people.

Customers like yourself who use AWeber to grow their small businesses and team members here in the office who keep things humming day after day.

To all of you, I thank you!

It’s been a marvelous first 10 years and I’m looking forward to the next 10.

(More) New Email Web Analytics Feature Sneak Peek

By Tom Kulzer (AWeber CEO)

Sneak PeekWith the overwhelming response to our initial analytics sneak peek it’s hard to imagine that we might actually have more up our sleeve for you.

Most small businesses using email marketing call their campaigns a success or failure based strictly on the raw number of opens or clicks they get.

Unfortunately, up until now there hasn’t been an affordable solution for small businesses to truly get inside their campaigns.

That’s about to change…

Beyond Landing Pages

Most email campaign reports can show you how many clicks you received on a link.

What happens when the user clicks thru to your site and continues to click around on other pages? Would it be helpful to know the total traffic impact your campaign has on your website, not just the landing pages?

Now you can, with the addition of one line of JavaScript on the pages of your site you can track clicks in your emails using your own domain name and track clicks that go beyond your landing pages.

Track email sales revenue

Track Email Sales Revenue

For most small businesses the goal of having an email newsletter or other mail follow up campaign is to drive sales or a specific action on your website.

How many sales did your last campaign generate? How many dollars did that campaign bring in?

Tracking sales and the revenue from those sales will now be integrated directly with your campaign reports.

You can track any type of goal you may have on your website, whether it’s logging into an account, posting a comment on your blog, or filling out a form to request a quote.

Dashboard Screenshot

Report Dashboard

With the multitude of new reports available, loading a page to view each one separately can be time waster.

Reports that you access frequently from different lists can all be placed in one central dashboard page.

Flexible Reporting Date Ranges

Flexible Reporting Date Ranges

Rather than being stuck with a specific date range such as the last 30 days, flexible reporting allows you to drill into your data over any period of time.

Look at results for last week or the last 6 months — slicing and dicing your data in any way you desire.

Get Early Access To These New Features

We’ve opened a few more slots for beta testers.

Participants should have at least 100 subscribers and be communicating with their subscribers once per week or more.

Interested? Please post in the comments on this post. Be sure to include your website URL and email address in the proper boxes so we can contact you.

New Analytics Sneak Peek – Call for Beta Users

By Tom Kulzer (AWeber CEO)

While it’s a gloomy rainy day here in PA, it’s a great day at AWeber when we get to let the cat out of the bag on a project that’s been in the works for over 6 months.