Zendesk breach affected Twitter, Tumblr and Pinterest

Zendesk breach affected Twitter, Tumblr and Pinterest

Summary: U.S.-based customer service software provider confirmed hacker accessed its system and downloaded e-mail addresses of users from 3 of its clients.

SHARE:

Zendesk has confirmed a security breach enabled hackers to access their system and reportedly accessed user data belonging to Twitter, Tumblr and Pinterest. 

glowing-keyboard-hacker-security
A hacker downloaded e-mail addresses of users who contacted three of Zendesk's clients for support, along with their e-mail subject lines.

The U.S.-based customer service software provider announced in a blog post on Thursday, a hacker downloaded e-mail addresses of users who contacted three of its clients for support, along with the e-mail subject lines. Zendesk enables companies to outsource many of their customer service functions to it via software tools, and has more than 25,000 clients, according to its Web site.

Zendesk said it has has since patched the vulnerability, blocked access to the hacker after learning about the cyberattack, and is working with its affected clients to assist in their response.

However, Wired news site has learnt Zendesk's three affected customers were social media sites Twitter, Tumblr and Pinterest. According to Wired, all three social media sites have sent e-mails notifying users that Zendesk, whom they used as their customer support vendor, had been breached, and user information had been accessed.

According to a source who spoke to Wired news site, some customers also may have had their phone numbers revealed, but no passwords, password hashes, or even encrypted passwords were revealed. Neither Twitter, Pinterest nor Tumblr are aware of any user accounts that were compromised by the attack.

This comes on the heels of last week's announcement by Facebook it had been hacked last month, caused by a Java zero-day exploit that has since been fixed. The social network maintained no user data was compromised. On Tuesday, Apple also revealed it was hacked by the same group that attacked Facebook, using the same Java exploit.

Topics: Security, Outsourcing, Social Enterprise

Ellyne Phneah

About Ellyne Phneah

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion