Archive for February 2011

eFinancial Careers hacked

leave a comment »

I’d completely forgotten that I’d registered with eFinancial Careers until I got an email (see below) telling me that they’d been hacked and my personal data had been compromised. Under the circumstances, I can’t help wondering whether it might be a good idea to force companies to delete registered users’ accounts (and the attendant personal data) if the user fails to log in over an extended period of time.

Dear eFinancialCareers Member,This week, we detected illegal access of the eFinancialCareers database which compromised our users’ information. We believe that our registered users’ names, email addresses, registered countries and encrypted passwords have been accessed. At this time, our forensic teams have implemented countermeasures and continue to investigate.We are not immune from illegal attempts to access and extract information, as is the case with many organizations which maintain large information databases. Although we constantly review and improve our security features, unfortunately on this occasion, some information was taken, for which we offer our full apology.

Because email addresses were compromised, there is a possibility that you may receive unsolicited emails requesting further personal data, which could appear to come from eFinancialCareers. Please be on the alert for this type of email and inform us at if you receive anything suspicious.

Helpful advice on how to protect yourself from email scams is available on the homepage of our website. To help you determine whether communications from us are genuine, below is a list of things we do not do:

  • We do not ask for your personal financial information in an email, and never ask for bank account or credit card information to be sent via email.
  • We do not send out emails with executable or compressed (zipped) files, or attachments other than PDF and Word documents.
  • We will never ask for your password via phone or email. (You will only be required to enter your password when logging onto
  • We will never ask for your Social Security or National Insurance number.
  • Employer and recruiter enquiries from eFinancialCareers will never ask you to wire funds or accept payments for services.

As a precaution, the next time you access your eFinancialCareers account, you will be asked to reset your password.

We are taking this attack seriously and have already put security measures into place to prevent further loss of data. We will continue to review and improve our security features. We are sorry for any inconvenience this may cause you. Please do not hesitate to contact us to ask us any questions you may have relating to this security incident.

Sincerely,James Bennett
Managing Director
eFinancialCareers, EMEA & Asia PacificConstance Melrose
Managing Director
eFinancialCareers, North America

Written by jackgavigan

February 19, 2011 at 9:11 am

Posted in InfoSecurity

The Web 2.0 bandwagon goes mainstream

leave a comment »

Written by jackgavigan

February 9, 2011 at 11:41 pm

Posted in Bubble 2.0

Angels: Trust the founders

leave a comment »

I’m a big believer in putting one’s money where one’s mouth is. It separates the men from the boys and those who genuinely know what they’re talking about from the bullshitters (and, trust me – there are a lot of bullshitters in this industry). However, despite having been involved in a bunch of startups over the past 16 years and despite having pitched to a lot of VCs over the years, I’ve never actually invested any of my own money in a start-up – until this week.

I’ve long believed that the best way to understand risk is to take some and I reckon that the best way to understand what motivates potential investors is to become one yourself. So, earlier this week, I invested a (very) low five-figure amount for a (very) small stake in a classic dot-com startup

In time, I plan to share some of the lessons I learn from the experience but, for now, that’s all the information I’m prepared to divulge because the management team of the startup I’ve just invested in have decided that they don’t want to make a big song’n’dance about the fact that I’ve invested. And therein lies the first lesson – when you invest in a startup, you’re effectively investing in the management team, which means that you need to trust them. If you don’t trust them, don’t invest. If you do trust them, don’t try to second-guess them. You can (and should) advise them but, ultimately, it’s up to them to decide whether or not they should follow your advice.

Basically, it’s their job to run the company. So let them get on with it.

Photo: A snowboarder grabbing some big air in St Moritz.

Written by jackgavigan

February 9, 2011 at 11:07 pm

Posted in Investing

Cyber-criminals hit the EU’s carbon emissions trading scheme

leave a comment »

Everyone knows that cyber-criminals are constantly targeting banks and other financial institutions but you don’t often get to read about how they’ve successfully siphoned off €45m worth of certificates. Even worse, spot trading of emissions permits has been halted as a result of the breach (although, as with most commodities markets, most carbon trading is done using derivatives, so the impact isn’t quite as bad as it sounds at first).

There have been persistent rumours that the London Stock Exchange was the target of a concerted attack last year but, as is so often the case with these sort of rumours, the LSE’s keeping quiet.

It’ll  be interesting to see if further details emerge about the Emissions Trading Scheme attack.

Written by jackgavigan

February 7, 2011 at 10:09 pm

Posted in InfoSecurity