Author Archive

Important Note to Our Clients: Chartbeat Phishing Attack

August 22nd, 2013 by Tony

This week, Chartbeat was subject to a phishing attack as part of an ongoing campaign from the Syrian Electronic Army that recently affected OutbrainSocialFlow, and a number of other sites. Let me say first that no client's site was affected. No action was taken on or from a client site. However, four Chartbeat Publishing clients' dashboards were viewed by unauthorized parties and a handful of  passwords were reset by these wankers. I've been on the phone with every one of the partners whose dashboards were viewed as we continue to investigate this. If I have not contacted you directly, we don't feel there's a need for concern at this point, but if you'd like and it would make your more comfortable, feel free to reset your password. Though it appears this incident only involved a few clients, we're sharing this information publicly because we believe in transparency above all else and have our clients' data and security as our absolute top priority. In the next day, our development and web ops team will be writing a complete post on all of the security measures and updates we've had in place, put in place and will put in place. That's the gist, for those who want to know more, here's what we know: So what happened? We've been investigating this intensively since the phishing attack and, as of now, we've found that there was unauthorized access of a Chartbeat employee account. No client sites were accessed. Chartbeat Publishing dashboards for four of our clients were viewed and attempts were made to set and reset passwords for a handful of their Chartbeat accounts. As soon as we found out, we disabled access. In addition, the Chartbeat Twitter account was hacked for less than five minutes on Thursday early morning. This is what we know and we will continue to share more with you here and in future posts as we learn more. Was your dashboard accessed? Our investigation shows that only four dashboards have been accessed, and we have directly contacted those four clients. If I haven't directly contacted you (phoned and emailed), our investigation indicates that your dashboard was not accessed. If you see anything unusual however small, please email support@chartbeat.com (which goes to all of us) or via Twitter at @Chartcorps. We are continuing to monitor and investigate around the clock. Is there anything else for you to do? Nope, but if you feel more comfortable, you can reset the passwords to your Chartbeat accounts -- as a precautionary protective measure. How will we keep you informed? We're continuing to investigate, and if we learn anything new that directly relates to you, your account, or your site we will contact you immediately. If we learn anything new that's worth sharing more broadly, we'll update this post. One more thing from the whole Chartbeat team... We feel terrible about this. That's an understatement, really. We are taking this incident incredibly seriously, and we're here to answer any questions you have, whenever you have them. Please do not hesitate to email us with any question or concern you have. You and your security is our absolute number one priority.

Chartbeat: The Next Generation

April 11th, 2012 by Tony

Three years ago this month, Chartbeat launched at the web 2.0 summit. Today Chartbeat is beating under the hood of sites across 37 countries and takes the pulse of around 5 million visitors across the web at any one moment. Fantastic clients like ESPN, Fox News, The New York Times, Forbes, Fab.com, and Gilt Groupe have partnered with us and helped us to understand the contours of this new world of data. Today, I’m excited to announce the next chapter in Chartbeat’s history: a new round of funding, new look, new dashboard, and a whole bunch of new features. That’s a lot to get through, but I promise to be brief.

Chartbeat: Next Generation from Chartbeat Video on Vimeo.

A New Round and A New Partner

We’ve just closed a $9.5m Series B round of funding led by Josh Stein at Draper Fisher Jurvetson and Saul Klein at Index Ventures, and they're joined by some of our favorite Angel investors. Saul has been a constant friend and guide over the last three years and helped us take the time to find the right partner that will continuously help us push Chartbeat and the real-time revolution forward. We found that partner in Josh Stein. Josh took the time to get to know us over the course of a year, has incredible experience of building great SaaS companies like Box and SugarCRM. Most importantly, Josh just plain got it. Thanks Saul, thanks Josh, we’re going to make you proud.

A New Look

The first thing you’ll notice when you hit Chartbeat.com today is a very different look. We’re growing up. And growing up means making sure we’re as good looking on the outside as our dashboards are on the inside. We’re also making things simpler. Newsbeat has become Chartbeat Publishing: the command center for all serious publishers of media and content.

A New Dashboard

We’re also rolling out a brand new dashboard with advanced functionality to all Chartbeat users over the next few days. When you get your hands on it, you’ll see a few key elements that we’ve focused on:

1. Real engagement

Common understandings of engagement have always relied upon explicit actions (a like or a share) taken by a few people or traditionally inaccurate guesstimetrics like “time-on-site.” At Chartbeat, we wanted to accurately understand how engaged each person who visits your site is, not just the people who hit the like button.

So we built Engaged Time. Window open in another tab? Doesn’t count. The visitor isn’t actively viewing, reading, commenting on the page? Doesn’t count. With Chartbeat’s unique way of measuring, Engaged Time counts the amount of time someone spends actively interacting with your site and enables you to see your site from a completely different perspective.

For the very first time, you can finally go beyond eyeballs and clicks and understand which content is making an impact, what’s engaging people’s heads and hearts.

2. Data in context

When you’re looking at your data - whether Chartbeat or otherwise - I bet the first question you ask yourself is “Is this good?”. You generally know if you’re doing well compared to yourself, but what about your competitors -- those that are fighting for the same eyes and hearts that you are?

We’re introducing Peer Stats, which does just that.

Now, you can see your data, put in context with the anonymized, aggregated stats of your sites like yours all in real time.

Are we getting as much social traffic as we should? Is our page load speed fast enough? For the first time you’ll have a frame to understand your performance in the context of the wider web, so you know where to focus and when to celebrate.

3. Your data wherever you are

When something important happens, you want to know about it -- whether it’s on your site, your iPhone or iPad app or across the social web. So why should you only see real-time stats of who’s on your site? You shouldn’t.

Chartbeat is going beyond the site. From now on you’ll be able to get real-time data from your iPhone or iPad app as well as your site. This feature is currently in beta so we’re going to need your feedback, but we’re super excited about it.

We’ve also launched a new Social View that brings the social data you need into one dashboard. You’ll get loads of insight into not just who’s talking about you where, but how that’s affecting your site traffic.

We hope you like all the new things we’ve been working on. The only thing we ask of you in return is your feedback. Let us know what you think about your new dashboard as you’re rolled into it over the next few days. We can’t thank you enough for the love and support thus far. We’re excited to get to work and take this thing to an even higher level.

Post-mortem of today’s DNS outage

April 29th, 2011 by Tony

For those who might not have been following or affected, chartbeat just suffered, and is recovering from, a major DNS failure that affected our users’ dashboards. I wanted to give some insight into what happened and explain how we will do things differently in the future. Yesterday evening, one of the nameservers at our DNS provider started reporting 0.0.0.0 as the IP address for static.chartbeat.com. As you can tell, this isn’t a real IP address and we were stumped as to why it was happening since we had not made any changes that might affect it. Static.chartbeat.com holds all of our static assets, including our images, css, and javascript for our dashboards and the javascript we use to report visitor statistics to our servers. Because of this DNS error, many people were unreachable. This didn’t have any effect on people visiting our customers’ sites, but it did mean the visitors who were hitting the bad nameserver weren’t being reported. As a result, dashboards showed a dip in traffic. After being immediately alerted by Nagios, we identified the offending nameserver and reached out to our DNS provider to find out what the hell was happening. At the same time, we removed the entry for that nameserver from our system, taking it out of circulation. We monitored the effects of the changes and everything seemed to go back to normal until early this morning, when our DNS provider began to pull the same trick on a larger scale across multiple nameservers. For some reason, the lifetime of some cached assets (TTL) was being set at 12 hours instead of two hours, meaning any change we made would take at least 12 hours to fully propagate across the web. The wall still bears indentations from my head at this point. It became quickly apparent that our current DNS provider wasn’t going to be able to fix the situation in the timeframe we needed, so we reached out to Dynect, the DNS provider behind Twitter and bit.ly. Dynect was great and we were able to move our entire infrastructure over to their services before the morning was out. The changes would take a while to propagate because of the rogue TTL setting at our old DNS provider, but at least we knew that when the changes rolled out we’d be on a much more bulletproof DNS system and everyone’s traffic would be back to normal. And that brings us to now. Dynect and Akamai were both awesome and super responsive throughout, and the bit.ly guys were a great source of advice and support. We were also blown away by the response from our users, many of whom tweeted or emailed incredibly kind messages. Some of them were captured in Erin Griffith’s Adweek piece today. What did we learn? Aside from the immediate lessons around which DNS provider to use, I’d say we were probably too optimistic at first about how easily this would be resolved. Once we acted to fix the first bad nameserver, we implicitly assumed things would get better, not worse, and missed a valuable window to have prepared for more extreme options. We should have reached out to Dynect much earlier and had an alternative prepared just in case the situation recurred, rather than simply reacting when everything went crazy a few hours later. We should have (and will be implementing) a protocol to explore several scenarios and what we need to do to mitigate them, rather than simply assuming any crisis is going to follow the path we implicitly think it will. In the end, it doesn't matter whether it's an external service or an internal bug that fails, the responsibility for providing you with the service you deserve is ours and we let you down. We're incredibly sorry that our users were affected by these issues, we're humbled by the response and we're grateful for your support. Tony Haile, General Manager

When Mubarak met the Internet

February 23rd, 2011 by Tony

We watched in awe as Al Jazeera helped to topple a dictator in Egypt. Chartbeat was behind the scenes powering the analytics and dealing with the flood as millions came to the sites to watch a regime crumble. It was awesome to watch and we thought it would be awesome to share, so with the kind permission of Mohamed Nanabhay, we present the 2011 Egyptian Revolution in online traffic. Click on the image for the full view.  

 

Breaking 3,000,000 and the Mubarak Effect

February 11th, 2011 by Tony

It feels like less than a month ago we were celebrating crossing 2 million concurrent visitors on chartbeat sites; that's because it was! It took us 16 months to get to 1 million, five months to get to 2 million and now less than a month to break 3 million. Safe to say it's the fastest growth we've ever seen at chartbeat. We've seen a flood of new sites and users over the last month but what put us over the top was the incredible events happening in Egypt. We've been working hard with Al Jazeera throughout what I guess we can now call a revolution. In a recent MediaWeek article, Mohamed Nanabhay talked a little about how he used chartbeat to react swiftly to what was going on in Egypt and we've watched in awe as a News service ignored by many of the major cable companies has become, at least for a while, the most important news site in the world. Congratulations to Mohamed and his team, and all the other news services whose reporters have been covering these events. We're proud to have worked with you during this momentous time!