Recent Zendesk Security Breach has Wider Impact than Expected

By Steve Anderson February 22, 2013

Zendesk is a fairly major name when it comes to customer service software, so when it announced that it had been hacked earlier this week, allowing hackers access to data from three of its customers, it raised more than a little alarm. Taken in perspective--given that Zendesk has over 25,000 clients, according to its website--this might not have seemed so bad. But things only got worse when it was discovered just which three customers were impacted by the hacking: Pinterest, Tumblr, and Twitter.

Early Thursday night, Zendesk put out a message via blog post, which was titled "We've been hacked," and went on to explain that, upon becoming aware of the attack, the vulnerability the hacker used to get in was patched, and removed that particular point of entry for further attacks. But in the process, Zendesk's investigation revealed that the hacker in question had accessed "support information" stored on the system. What's more, Zendesk also believes that the hacker got e-mail addresses from those who sent e-mails requesting support from Twitter, Pinterest and Tumblr, as well as the subject lines of those e-mails.

Additionally, some customers may have had their phone numbers revealed, but this seems to be the extent of the hacker's haul. No passwords, no password hashes, and no encrypted passwords were revealed. None of the sites affected are, as yet, aware of any user accounts accessed without authorization, and so far, reaction to the hack from the companies affected seems to be limited to providing notice to the potentially affected users. Old passwords have not been deleted, and there has been no requirement to switch passwords following the attack, though Pinterest sent out an e-mail suggesting that strong passwords are advisable. Twitter, for its part, even specifically said in an e-mail that it did "...not believe you need to take any action at this time...," which suggests a pretty low chance of serious attack.

It's hard to object to any of the responses from these affected sources. Zendesk moved to patch up its systems with as little delay as possible following the attack. Twitter, Pinterest and Tumblr all notified its users of the attack and included possible courses of action to follow, where applicable, in the wake of said attacks. Sure, no one likes the idea of being hacked in the first place--especially when it's related to companies that many people have contact with on a daily basis and, in many cases, leave a large amount of personal information with--but that's an inherent risk of using the Internet.

Protecting customers' records, and providing prompt and useful information in response to any breaches of that information, is a vital part of a fully-realized customer service experience. The companies affected by this particular breach, meanwhile, seem to have done just the right thing in response to it.




Edited by Brooke Neuman

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Looking For The Next iPod/Echo

By: Rob Enderle    4/29/2016

The Amazon Echo, not the Apple Watch, became the last iPod-like product largely because of a far more accessible price point, a more compelling name, …

Read More

Apple Needs Reset, Not Elon Musk

By: Doug Mohney    4/29/2016

Apple's 13 percent sales decline and subsequent stock price drop this week has lead to the usual crazy talk about how to "fix" the company. Vivek Wadh…

Read More

Is the Apple Bubble Finally Bursting?

By: Andrew Bindelglass    4/28/2016

Over the past 13 years, Apple has been one of the most successful companies in the world of tech, posting sales growths in 51 straight quarters. That …

Read More

Shared-Space Providers (Airbnb) Poised to Beat Ride-Sharers (Uber)

By: Steve Anderson    4/28/2016

Travel may be starting to make a bit of a comeback, as a new report suggests that shared-space providers like Airbnb and WeWork are on the rise.

Read More

Facebook Wants More Sharing, Building New Camera App to Drive It

By: Steve Anderson    4/28/2016

One of the great downsides to having a lot of content in any one place is that, after a while, it starts looking downright pointless to add more.

Read More