January 14, 2026¶

New Email Address Editing Security - When editing another person’s profile, email address fields are now read-only by default. Users will click and acknowledge a fraud warning before editing. This feature helps protect against social engineering attacks where bad actors convince staff to change email addresses. (see Email Address Editing Security)

New Email changes to the profile will send a notification email to the person whose email was changed (old and new addresses)

New Email changes to a profile not made by the person themselves will send a notification email to staff members with the configured role (new setting, defaults to Admin)

Change Explicitly logging out (via Logout button) of the application clears 2FA confirmation

Fix Fixed issue with many registrations in a short period of time causing some confirmation emails to be missed and error sent to admins

Fix Fixed intermittent issue with OrgLeadersOnly seeing tasks and notes they should not when an error occurs building the list of members in their involvements