- Zapier sends data breach notification letter to affected customers
- It says a threat actor a 2FA misconfiguration to breach an account
- They accessed some sensitive customer information
Popular automation tool Zapier has suffered a cyberattack which saw the company lose sensitive customer information.
News of the attack was reported by The Verge, which obtained a copy of the breach notification letter the company’s Head of Security, Zeeshan Khadim, sent to affected customers.
According to the letter, an unnamed threat actor abused a “two-factor authentication (2FA) misconfiguration” on an employee’s account to gain unauthorized access to certain Zapier code repositories. “
Training AI
Normally, this would not impact our customers,” the letter further states, but after auditing the contents of the repositories, Zapier found some customer information that was “inadvertently copied to the repositories for debugging purposes”.
These were “isolated incidents”, the security boss said. We don’t know exactly how many people were affected, or what kind of information was stolen. We know what wasn’t, though: “This incident did not affect any Zapier database, infrastructure or production, authentication, or payment systems.”
Once Zapier was aware of the incident, it secured access to the repositories and invalidated the compromised account. The company also generated a secure link on which affected customers can see a copy of their impacted data.
“Please review this data, and take appropriate actions, which may include rotating any valid plain text authentication tokens that may have been used in places such as code, or webhook step configuration which were found in the impacted data,” the letter further states, suggesting what information may have been taken. “Note that your Zap/App authentication tokens were not impacted by this incident. We also recommend that you review security settings on your Zapier account and your other online apps, including activating 2FA where available.”
The company is now running a thorough audit and internal process remediation to prevent similar incidents from happening in the future, as well.
You might also like
https://cdn.mos.cms.futurecdn.net/bLTg6GBXmrv6c5v7AJFPsT-1200-80.jpg
Source link
