MANILA, Philippines – Hackers accessed the systems of customer support service ZenDesk on Thursday, February 21, prompting its affected clients, Tumblr, Twitter, and Pinterest, to go on alert.
The official statement from ZenDesk noted: “We’ve become aware that a hacker accessed our system this week. As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had.”
ZenDesk added that their investigation shows the hacker gained access to support information that 3 of its customers had. ZenDesk also believes the hacker “downloaded email addresses of users who contacted those 3 customers for support, as well as support email subject lines.”
The Verge noted Tumblr as one of the ZenDesk customers affected, and Tumblr acknowledged the hack, sending out emails to potentially affected users, saying that emails sent to a number of Tumblr support addresses may have been affected.
These potentially affected addresses are:
Wired has copies of the emails released by Tumblr, Twitter, and Pinterest. Pinterest’s email notes that, “Unfortunately your name, email address and subject line of your message were improperly accessed during their security breach,” and asks users to use strong passwords and be wary of suspicious emails.
Emailing a small percentage of Twitter users who may have been affected by Zendesk’s breach. No passwords involved. zendesk.com/blog/weve-been…— Support (@Support) February 22, 2013
Twitter also posted a status update tweet, noting that it sent emails to “a small percentage of Twitter users who may have been affected by ZenDesk’s breach.” While Twitter says the breach did not expose account information, it may have “included contact information you provided when submitting a support request.”
The ZenDesk hack follows reports of attacks against news outlets like The New York Times and The Wall Street Journal, as well as major companies like Apple. Hackers also exploited NBC.com to distribute malware among visitors, according to The Verge. – Rappler.com