The Hacker News Logo
Subscribe to Newsletter

Zendesk security breach, "We've been hacked"

Customer service software provider Zendesk announced a security breach, that affected three major Zendesk clients i.e Tumblr, Pinterest and Twitter and allowed hackers into their systems.


The hacks come just days after Apple ,Twitter and Facebook revealed that their employees computers fell victim to unauthorized access.


The company believes the hacker downloaded the email addresses of Tumblr, Twitter, and Pinterest customers who attempted to get support from the companies.  Stolen information might be exploited via social-engineering attacks.

"Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response."

Zendesk discovered the breach earlier this week, then patched the vulnerability and closed off the hacker's access in short order. The company has more than 25,000 clients. Pinterest and Tumblr advised affected users to be cautious of any unexpected emails they receive.

Anyone who’s contacted the customer service departments at these companies should look through those messages to see if they've disclosed contact information. "Tumblr will never ask you for your password by email. Emails are easy to fake, and you should be suspicious of unexpected emails you receive."

"We are also completely committed to working with authorities to bring anyone involved to justice and make certain we fully understand what happened," Zendesk said.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.