In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers. Zendesk software is currently used by a lot of major organizations worldwide, including Uber, Shopify, Airbnb, and Slack.
Today the company published a security notice to disclose the incident.
“We recently were alerted by a third party regarding a security matter that may have affected the Zendesk Support and Chat products and customer accounts of those products activated prior to November of 2016.” reads the security notice. “While our investigation is still ongoing, on September 24, 2019, we determined that information belonging to a small percentage of customers was accessed prior to November of 2016.”
The company was informed by a third party regarding the security breach that might have impacted Zendesk Support and Chat accounts activated prior to November 1, 2016.
As of September 24, 2019 the company identified approximately 10,000 Zendesk Support and Chat accounts, including expired trial and accounts that are no longer active.
The customer service software firm decided to alert all the impacted users inviting them to take the following steps
The customer support ticketing platform discovered that the following customer information might have been accessed by the attacker:
The company announced that as a precautionary measure it will implement password rotations for all active agents in Support and Chat, and all end users in Support created prior to November 1, 2016.
“Our security team is committed to determining the full extent of the data exposure and we will update you if we learn of any additional information that pertains to unauthorized access to your account so you can take appropriate proactive measures to protect your business,” concludes Zendesk.
Anyway, customers are invited to change their passwords.
(SecurityAffairs – hacking, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.