Imunify360 Blog

Information about a recent security incident

Written by Vladimir Markevich | Apr 25, 2023 3:00:00 PM

Dear Imunify customers,
We would like to inform you about a recent security incident that may have affected the analytical data collected from your servers by the Imunify product (e.g., attacker IP addresses, captcha events, etc.). Your privacy and information security are our top priorities, and we deeply regret any inconvenience this may cause.

1. What happened?

2. What have we done, and what are we doing?

3. What should you do?

 

 

What happened?

 

During scheduled internal database maintenance, an unexpected error occurred that disabled a part of the security controls in the dashboard.cm.imunify360.com service. As a result, users of this service could see a limited sharded portion of the security incident log data recorded at the time of the incident, such as malware infection detection, failed log-in attempts, IP blocking, and similar.

The incident occurred on the afternoon of April 18, 2023, and was resolved on April 19, 2023, at 9:30 AM (GMT +2). Only a small part of the analytical data collected after April 18 could be accessed, and no evidence of additional access attempts was found.

As Imunify refrains from gathering confidential information, customers are NOT exposed to any potential risks. Nevertheless, we consider informing you about the incident essential to uphold our commitment to transparent communication.

 

 

What have we done, and what are we doing?

 

Upon discovering the incident, we immediately took the necessary steps to secure the disclosed data and prevent further unauthorized access. We also examined all requests that occurred during the incident period and did not find any suspicious/malicious requests that could signal additional unauthorized access attempts.

Our team is working on a thorough investigation of what happened to prevent similar incidents in the future.

 

 

What should you do?

 

As analytical data does not contain confidential information, no additional action is required from the customers.

We apologize for any concern or inconvenience this incident may have caused. We are committed to continually improving our security measures and are implementing additional safeguards to prevent such incidents from happening in the future. 

Should you have any questions or concerns regarding this matter, please do not hesitate to contact our customer support team at https://cloudlinux.zendesk.com/hc/en-us/requests/new.

Thank you for your understanding and continued trust in Imunify.