Zendesk hack endangers Tumblr, Twitter and Pinterest users
Posted on 22 February 2013.
Popular customer service software provider Zendesk has announced that they have been hacked.

"We’ve become aware that a hacker accessed our system this week. As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had," Zendesk CEO Mikkel Svane wrote on the company blog.

"Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response."

He also noted no other customers (or their users) have been affected by the breach, but didn't name the three affected customers.

But Wired's Mat Honan has managed to unearth that these three are Twitter, Tumblr and Pinterest, as they have already emailed their own potentially affected customers to warn them about possible repercussions.

They all pointed out that no passwords were compromised, but that the attackers have managed to collect contact information such email address, name, phone number, or username, and may use it to mount targeted phishing attacks aimed at stealing users' passwords, and ultimately at hijacking their accounts.


Compromised cPanel "Account Suspended" pages redirect to exploit kit

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 27th