We want to openly discuss a recent incident that affected our service on November 7th, 2023.
Incident Details:
On November 7th, we identified a software defect that allowed a user to access data beyond their permission scope, which led to the exposure of a limited amount of real-time server monitoring data for a customer’s account. The affected customer has been contacted, and an incident report has been provided. This incident was the result of a corner case software defect, introduced by us in a very recent update. This was not the result of any malicious activity. We want to clarify that based on our investigation, we have no evidence that personal data was exposed as a result of this incident.
Immediate Response and Resolution:
Upon detecting this issue, the service affected by this defect was suspended to prevent any further potential exposure. Our technical team investigated the incident, and rolled back to a previous version of the affected service which does not contain the defect.
Scope of the Incident:
Our security review, including a detailed examination of system logs, strongly indicates that this was an isolated incident, seemingly affecting only one user. We found no signs of similar occurrences or broader exploitation within our user base.
Safeguarding Your Data:
We take safeguarding your data very seriously. In response to this incident, we are actively working to enhance our processes to prevent such occurrences in the future. Our commitment to protecting your information is unwavering.
Our Commitment to Transparency:
We understand that any incident, regardless of its scale, can be a cause for concern. Please be assured that maintaining the integrity of our services and your trust in us is our highest priority. We are dedicated to being transparent and proactive in our communications with you.
Thank you for your understanding and continued confidence in our services.
Sincerely,
David Tattersall
CEO
Intergral GmbH