Software company Zendesk has recently confirmed a data breach that reportedly began with a “sophisticated SMS phishing campaign” that targeted some of its employees.
Zendesk is a developer of customer relationship management software based in San Francisco, California, that helps businesses of all sizes provide a better customer experience. Zendesk currently has approximately 100,000 customers across 160 countries and territories, including cryptocurrency trading and portfolio management company Coinigy.
What We Know About the Zendesk Data Breach
According to SecurityWeek, Coinigy was only recently informed by Zendesk that it may have been affected by the data breach. While Zendesk did not reveal how many customers were impacted by the breach, it is known that other companies affected by the alleged data breach against Zendesk were informed before Coinigy.
Zendesk confirmed to Coinigy that between September 25 and October 26, 2022, hackers were able to access unstructured data on a registry platform. While it is unclear what data was accessed, Coinigy was informed that service data of the company’s account was potentially included in the compromised data from the registry platform.
Zendesk’s Response to the Breach
Zendesk stated that it had found no indication that Coinigy’s Zendesk instance had been exposed during the data breach, but it was continuing to investigate the possibility.
Coinigy has not yet made a public statement about the data breach, and it is not clear how many of its users were impacted by the incident.
However, in the wake of the breach, all individuals and businesses that were impacted by the recent data security incident have been sent data breach notification emails from Zendesk.
The Aftermath of the Data Breach
This breach is not the first time Zendesk has been targeted by cybercriminals. In November of 2022, cryptocurrency exchange Kraken informed its clients of a data breach against Zendesk.
At the time, Kraken claimed that client accounts and funds were not at risk. While there is no evidence to suggest that Coinigy’s Zendesk instance was exposed during the breach, it is still possible that sensitive data was compromised.
The Zendesk breach is just one of many data breaches that have recently occurred, with PayPal revealing this month that a credential stuffing attack led to a data breach that exposed the personal information of nearly 35,000 users of the e-commerce company. In the wake of these incidents, it is more important than ever for individuals and businesses to take steps to protect themselves from becoming a victim of fraud or identity theft.
If you are a Coinigy user or have received a data breach notification email from Zendesk, you must take steps to protect yourself.
Some recommended actions include changing your passwords, monitoring your credit report for any suspicious activity, and contacting your bank or financial institution if you notice any unauthorized transactions.
Protecting Your Business With MyITGuy
In conclusion, the recent data breaches at Zendesk and PayPal serve as a reminder of the ongoing threat of cyber attacks and the importance of taking proactive measures to protect your personal and business data.