- Zapier sends a data violation notification letter to affected customers
- A threat actor says a 2FA erroneous configuration to violate an account
- They accessed the client’s confidential information
The popular Zapier automation tool has suffered a cyber attack that saw the company losing confidential information.
The attack news were reported by The edgewho obtained a copy of the non -compliance notification letter, the company’s security chief, Zeeshan Khadim, sent to the affected customers.
According to the letter, an unidentified threat actor abused a “erroneous authentication configuration of two factors (2FA)” in the account of an employee to obtain unauthorized access to certain code repositories of more than. “
AI training
Normally, this would not affect our clients, “he also affirms the letter, but after auditing the content of the repositories, Zapier found certain customer information that was inadvertently copied to repositories for purification purposes.”
These were “isolated incidents,” said the security chief. We do not know exactly how many people were affected or what kind of information was stolen. However, we know what was not: “This incident did not affect any Zapier database, infrastructure or production, authentication or payment systems.”
Once Zapier was aware of the incident, he assured access to the repositories and invalidated the committed account. The company also generated a safe link in which affected customers can see a copy of their impacted data.
“Check this data and take the appropriate actions, which may include the valid tokens rotation of flat text authentication that may have been used in places such as the code or the configuration of the webhook step that were found in the affected data,” says the letter, suggesting what information can have been taken. “Keep in mind that their Zap/App’s authentication tokens were not affected by this incident. We also recommend that you check the safety configuration in your Zapier account and your other online applications, including 2FA activation when available. “
The company is now executing an exhaustive audit and an internal remediation of the process to avoid similar incidents in the future.
