- Joined
- Jun 13, 2020
- Messages
- 7,544
- Reaction score
- 916
- Points
- 212
- Awards
- 2
The founder of New Zealand cybersecurity company Emsisoft has issued an apology over a configuration error that led to a system data breach.
News that one of the company's test systems had been compromised was shared on February 3 by Emsisoft founder and managing director Christian Mairoll.
In a security incident that Mairoll wrote "should not have happened," a database containing log records generated by Emsisoft products and services was made accessible to unauthorized third parties.
Mairoll revealed that the database was accessible between January 18, 2021, and February 3 and that at least one individual had accessed some of its records in an automated attack.
"The attack profile indicates that this was an automated attack and not specifically targeted at Emsisoft. Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database," wrote Mairoll in a February 4 incident update.
"However, due to technical limitations it’s impossible to determine exactly which data rows were accessed."
In response to the attack, the company took the impacted system offline and started a complete forensic analysis of the incident. The investigation revealed that 14 customer email addresses associated with seven different organizations were among the data impacted by the breach.
"The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar," wrote Mairoll.
"However, as part of the investigation, we noticed that 14 customer email addresses were part of the scan logs due to detections of malicious emails stored in the users’ email clients."
Customers whose email addresses were in the stolen logs have been contacted by Emsisoft. Since the incident, the company has voiced a commitment to perform all future tests and benchmarks in an isolated environment without internet access and with artificially generated data only.
"We understand the importance of our role as guardians of your information and online safety and will continue to work every day to re-earn your trust," said Mairoll.
News that one of the company's test systems had been compromised was shared on February 3 by Emsisoft founder and managing director Christian Mairoll.
In a security incident that Mairoll wrote "should not have happened," a database containing log records generated by Emsisoft products and services was made accessible to unauthorized third parties.
Mairoll revealed that the database was accessible between January 18, 2021, and February 3 and that at least one individual had accessed some of its records in an automated attack.
"The attack profile indicates that this was an automated attack and not specifically targeted at Emsisoft. Also, our traffic logs indicate that only parts of the affected database were accessed and not the entire database," wrote Mairoll in a February 4 incident update.
"However, due to technical limitations it’s impossible to determine exactly which data rows were accessed."
In response to the attack, the company took the impacted system offline and started a complete forensic analysis of the incident. The investigation revealed that 14 customer email addresses associated with seven different organizations were among the data impacted by the breach.
"The stolen data in question consists of technical logs produced by our endpoint protection software during normal usage, such as update protocols, and generally does not contain any personal information like passwords, password hashes, user account names, billing information, addresses, or anything similar," wrote Mairoll.
"However, as part of the investigation, we noticed that 14 customer email addresses were part of the scan logs due to detections of malicious emails stored in the users’ email clients."
Customers whose email addresses were in the stolen logs have been contacted by Emsisoft. Since the incident, the company has voiced a commitment to perform all future tests and benchmarks in an isolated environment without internet access and with artificially generated data only.
"We understand the importance of our role as guardians of your information and online safety and will continue to work every day to re-earn your trust," said Mairoll.
