Zendesk, the customer service software provider with 25.000 customers, yesterday announced a security breach that affects users of Twitter, Pinterest and Tumblr. According to Zendesk, email addresses of users who have contacted Twitter, Pinterest or Tumblr for support have been downloaded by the hackers.
Wired reports passwords were not part of the breach but that some customers may have also had their phone numbers revealed during the hack. Tumblr, Pinterest and Twitter already have notified the affected users. So far neither Twitter, Pinterest nor Tumblr are aware of any user accounts that were compromised by the attack.
Here is the original blog post from Zendesk:
“We feel that it’s important our customers receive an update from us on a recent security situation. We have an investigation underway and do not have the answer to every question.
We’ve become aware that a hacker accessed our system this week. As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had. Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response.
We apologize to our customers and to their users.
Our investigation thus far has revealed that no other Zendesk customers (or their users) were affected.
We’re incredibly disappointed that this happened and are committed to doing everything we can to make certain it never happens again. We’ve already taken steps to improve our procedures and will continue to build even more robust security systems. We will continue to diligently work with our affected customers to mitigate any impact.
We are also completely committed to working with authorities to bring anyone involved to justice and make certain we fully understand what happened. As this process unfolds, we aim to update our customers in as transparent and timely a manner as possible about new developments.”