Zendesk states that, as a result of the hack, threat actors had access to unstructured data from a logging platform for a month between September 25th and October 26th, 2022.
On October 25, 2022, Zendesk, a customer service solutions provider, had its security compromised resulting from a sophisticated SMS phishing campaign targeted at its employees.
As a result of the employees’ account credentials being compromised, the threat actor had access to unstructured data from a logging platform for a month between September 25th and October 26th, 2022.
Although the company did not put out an official notice or announcement on its website, impacted customers were emailed with details regarding the security incident.
Coinigy, a virtual wallet services provider, was among those affected and, therefore, received an email from Zendesk support on January 13, 2023. Coinigy’s post regarding the compromise explained that they felt the need to disclose it to their customers and made the email sent by Zendesk public.
“Zendesk determined that Service Data belonging to your coiningy.zendesk.com account may have been in the (exposed) unstructured logging platform data,” the email from Zendesk explained. “There is no evidence suggesting the threat actor accessed the Zendesk instance of your coiningy.zendesk.com account at any time.”
Although Coinigy was informed of the incident in January 2023, it appears that Zendesk notified other victims much earlier. Kraken, a Bitcoin and cryptocurrency exchange, informed its customers about the Zendesk breach as far back as November.
Kraken stated that the attackers viewed the content of support tickets, which included information such as names, email addresses, dates of birth, and phone numbers. The exchange further added that accounts and funds were not at risk.