Zendesk Discloses Chat Data Breach

Zendesk has disclosed a data breach involving 10,000 Zendesk Support and Chat accounts. The IT service management (ITSM) and customer service support provider learned of the breach on September 24, 2019 -- though the actual issue occurred before November 2016.

Zendesk's stock fell about 4 percent as investors digested the breach disclosure news today (Wednesday, October 2, 2019).

The breach involved personally identifiable information (PII) and other Service Data. The PII spanned:

  • Email addresses, names and phone numbers of agents and end-users of certain Zendesk products, potentially up to November 2016.
  • Agent and end-user passwords that were hashed and salted – a security technique used to make them difficult to decipher, potentially up to November 2016.

Still, Zendesk -- which has been building a partner program -- found no evidence that those passwords were used to access any Zendesk services in connection with the incident. Also, the company has found no evidence that ticket data was accessed in connection with this incident.

Authentication Information: At Risk for Some Customers?

Moreover, the incident involved certain authentication information for approximately 700 customer accounts. That portion of the breach involved:

  • Transport Layer Security (TLS) encryption keys provided to Zendesk by customers.
  • Configuration settings of apps installed from the Zendesk app marketplace or private apps. This may include integration keys used by those apps to authenticate against third party services.

Zendesk posted a frequently asked questions/FAQ page as well as an email address ([email protected]) for those who may have more questions about the incident. The company is also reaching out to all customers that were potentially impacted by the breach.

Hackers Target IT Support Software Platforms

Hackers have increasingly targeted chat, remote control and RMM (remote monitoring and management) software platforms that MSPs leverage.

The fallout has included:

Hackers worldwide have been hitting MSPs of all sizes — not just global technology service providers. The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.

Amid those challenges, the MSP industry (spanning technology companies, service providers and more) could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.

Amid that threat landscape, MSP software providers and their channel partners are increasingly activating two-factor authentication as a means to stop hackers from entering systems.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.
