ENERGY STAR Security Notice

Tuesday, April 30, 2013

On April 28, 2013, ENERGY STAR experienced a cyber-attack on our computer systems that resulted in unauthorized access to some data from our servers.

The information accessed from applications such as Portfolio Manager, HOST and MESA may include energy data, names, email addresses, account details for some users, and encrypted passwords – technically ”hashed” passwords. We do not store passwords in plain text.

We anticipate ENERGY STAR applications that require a login will be unavailable until the end of this week. (5/5/13)

Although your ENERGY STAR password would be difficult to decode, we continue to take every precaution to ensure your account is secure. For this reason, we will expire your old password and request that you create a new one as soon as the systems become available to you.

We are sorry this incident occurred, and we are committed to keeping you posted as we also continue to monitor and protect the integrity of your data. We will follow up with all account holders with more information and next steps.