Drew

1 month ago

Follow-up on last week’s security issue

What we've confirmed, what we've done, what's coming next

Hi everyone,

I wanted to give you a quick update following the security issue we notified you about a few days ago.

As shared earlier, a single member’s account was compromised and used to send phishing-style messages to other members. We have not yet been able to talk to the member in question but, through caution, we have removed the account. We are satisfied that the member had nothing to do with the actions.

Since then, we’ve completed a thorough review of the incident and the systems involved, and I’m pleased to share the outcome.

What we’ve confirmed

There was no access to any private data that People Like Us holds.
There was no breach of our platform, servers, or codebase.
The attacker only accessed one member’s account, using login details obtained from outside PLU. They did not gain any deeper access or extract any information from our systems.

What we’ve done since

We’ve now closed the vulnerabilities that made this type of phishing activity possible, and we’ve strengthened internal safeguards to prevent similar attempts in the future. This includes additional monitoring, tighter validation on internal messaging, and improvements to how we detect unusual behaviour.

What’s coming next

To give everyone an even higher level of protection, we will soon be introducing two-factor authentication (2FA) for all members. It will be optional at first but mandatory in future. This will make it significantly harder for anyone to access an account even if they somehow obtained a password from outside PLU.

We’ll share more details ahead of the rollout, including clear instructions so it’s easy for everyone to enable.

Thank you

I know any security issue can be unsettling, and I want to reiterate our commitment to transparency, safety, and caring for our community. Your trust means everything to us, and we’re continuously improving our systems to keep People Like Us secure.

I particularly want to thank our members for being alert to the unusual messaging and for reporting it to us.

If you have any questions or need support, please don’t hesitate to reach out.

This message will be repeated in our other Facebook group and sent by email for non-Facebook members.

Warm regards,
Drew

🔐 Two Factor Authentication (2FA) is Coming Soon to People Like Us

Important update about a security issue today

Premium Admin

Drew

Founder & CEO of People Like Us

Travelling group

People Like Us is the world's most trusted home exchange community. We believe in sharing, trust, generosity, respect, communication, equality, cooperation, honesty, hospitality, friendship, flexibility and adventure. We take pride in our homes and we care about the environment in which we live: our village, city, country and our planet. We care about the ethos of home exchange and we do it because we love the experience and the friendships that it generates.