2016 Postmortem
Related: About this forumData breach: NGP VAN "played no part in the October data issue that has been mentioned"
That statement is from NGP VAN's website.
Has anyone heard what other system was involved?
http://blog.ngpvan.com/data-security-and-privacy
For clarification, NGP VAN played no part in the October data issue that has been mentioned.
SNIP
Second, there has been independent confirmation that NGP VAN has not received previous notice of a data breach regarding NGP VAN. Josh Uretsky, the former National Data Director for the Sanders campaign confirmed on MSNBC (at 5:47), and also on CNN, regarding the previous incident: it wasnt actually within the VAN VoteBuilder system, it was another system.
hobbit709
(41,694 posts)pnwmom
(108,990 posts)hobbit709
(41,694 posts)pnwmom
(108,990 posts)IllinoisBirdWatcher
(2,315 posts)NGP advertises and provides a total turn-key "system" to campaigns.
In his public apology, the NGP CEO very carefully said "another system" and NOT "another vendor's system."
Campaigns use NGP for donor prospects, donor files, FEC compliance, broadcast email, website hosting, volunteer tracking and more. Most of these sub-systems, like The VAN, were developed by other third-parties and "integrated" to some degree in the NGP total campaign solution.
So if one or more sub-systems of the NGP provided software went down in October, it is most likely that the first staffer to notice and report would say something more like "NGP is down" or "NGP is acting weird" rather than saying "Gee, I'm getting too much information from the highly positive list in NH. There must be a bug in The VAN voter file."
No one seems to deny there was an NGP software problem in October. Where and what that problem was still remains a mystery. Still many questions to answer.
pnwmom
(108,990 posts)madfloridian
(88,117 posts)This mentions other companies involved in the databases used by the DNC.
http://www.epolitics.com/2014/08/21/ngp-van-opens-door-for-a-democratic-community-of-innovation/
From August 2014
Last night, NGP VAN moved Democratic political technology into a new phase one of solidarity and maturity. Long criticized for having somewhat of a monopoly in the space, potentially hampering innovation, NGP VANs Next event instead rather proved that theres still plenty of new ground to be broken. In a space where showcase events like this have often heralded the mundane (or worse yet, vaporware), NGP VAN announced some exciting new products and projects.
Lets dive into the deeper implications of some of what they announced:
Upgraded Product Suite
The most tangible of their announcements were the least interesting (to me, anyway). A new version of VAN, and a new version of NGP, both products made to look and feel more like each other definitely a positive step since its been 3 years since the companies merged. However, because of the extensive field training people have on both products, NGP VAN is constrained as to how much they can modify the actual user experience and workflow. Expect that to change, but slowly and deliberately.
Innovation Platform
The truly innovative stuff came in the form of the appropriately-named Innovation Platform. Theyve put a lot of work into overhauling their infrastructure, and Relay and Pipeline are the result. Relay efficiently matches data across NGP VANs various products, while Pipeline creates a realtime data sync to several of the most-used analytics services namely Blue Labs, Civis, Clarity, and Catalist. These changes might seem small, but theyre technically challenging, and theyre critically important to the data and analytics folks on campaigns. It was also nice to see NGP VAN unifying logins under ActionID and taking the next step on portability with embeddable forms (what theyre calling ActionTag).
APIs: Opportunities for Grassroots Creativity
But to me, that was all either must-haves or behind-the-scenes work. What got me excited was the announcement of NGP VANs partnership with the DNC to make all of this open via a set of APIs (available at http://developers.democrats.org). In conjunction with the ProgressUI library a set of interface patterns, reusable code snippets, styles, and art these APIs have the potential to turn every field office into the country into an app-building shop. Got a great idea for how to use your field data? Now you can build the app! If youve ever worked in a campaign office, you know how many great ideas pop up and then disappear with a dismissive it would be great if VAN did that. Well, now you and your developers can build the app yourselves.
Hiraeth
(4,805 posts)IllinoisBirdWatcher
(2,315 posts)Thanks for posting this. Everything described in your 2014 article is clear and describes the evolution of NGP as I understand it.
and I guess I misspoke. Rather than call NGP VAN a "turn-key system" I guess they want to be an "Upgraded Product Suite" to make their individual sub-systems "look and feel more like each other..."
So in NGP's development of "either must-haves or behind-the-scenes" enhancements, does the donor file sub-system (and the required FEC reports) interact behind-the-scenes with the voter file? The volunteer file? The target email lists?
NGP says The VAN (containing the voter file in question) was not compromised in October. But they don't deny they were made aware of a data failure in October. The question remains as to what "system," either integrated or stand-alone actually did fail in October. Was it a part of the Upgraded Product Suite? If so, which part and did it have any integration with the voter file?
ViseGrip
(3,133 posts)madfloridian
(88,117 posts)May still be.
Don't know the status now.
I did some searching on it, but all I get is from right wing websites. I believe it was started or led by Harold Ickes.
ljm2002
(10,751 posts)...to take proper care of campaign data, no matter what company they hire to do it or what database is used.
So that doesn't let them off the hook.
pnwmom
(108,990 posts)ljm2002
(10,751 posts)...then it is unlikely they would have (a) complained about a data breach in October, and (b) referred to the incident when this latest breach occurred.
Next?
pnwmom
(108,990 posts)So I don't trust any excuses he makes at this point.
ljm2002
(10,751 posts)...just common sense logic.
TTFN
pnwmom
(108,990 posts)with no evidence.
They are basically saying that since they took advantage of the breach, then others must have too. Yet they haven't shown one iota of evidence, much less proof.
sufrommich
(22,871 posts)October data breach. As I said before,it would be very easy for them to provide proof of their warning if it had actually happened.