Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Kerio Cloud customer data was hacked! (A fired employee still had access to customer data.)
  •  
Think Fixed is currently offline Think Fixed

Messages: 495

Karma: 0
Send a private message to this user
This past Friday evening, a friend forwarded to me an email that she received from Kerio Cloud stating that her account information had been hacked, and that her information is now for sale on the dark net. After I forwarded this to a GFI exec, an email was sent out to Kerio Cloud customers explaining that a fired employee sent the email, and that they are now reevaluating their off boarding procedure to ensure that this does not happen again. The problem is that it happened. An apology and a promise to do better doesn't solve this. This is total incompetence on display. It's very clear that customer data was easily accessible. When you fire someone, you should terminate their access to systems at the same time that they are being fired, or just before. Whether or not my friend's payment data has been harvested is irrelevant. Her name, email address, and other identifying information was obtained, and that information can also be sold on the dark net. The damage has been done, and it's HUGE. Everyone at GFI who was responsible for not properly safeguarding customer data should be fired. Immediately. How can anyone ever trust GFI again?

[img]./fa/4834/0/[/img]


*** If a GFI employee removes this post, that won't shut me up. I will post this all over the place. This is one scandal that will not be swept under the rug.

  • Attachment: email.jpg
    (Size: 85.87KB, Downloaded 229 times)

Howie Isaacks
Systems Engineer | Apple Solutions Consultant
Think Fixed LLC, Dallas and Fort Worth

www.thinkfixed.com
  •  
Maerad is currently offline Maerad

Messages: 192
Karma: 38
Send a private message to this user
Funny, after the 25. May the European GDPR (data protection law) will be in effect. That means that kerio connect would be forced to a public statement and information to consumers and the official bodies like the gov. data protection agency's. Depending on the case, they could be fined for 300k € per incident OR 4% for the TOTAL, WORLDWIDE SALES.

If this is true, there should be at least an official statement...
Previous Topic: Kerio Connect and GoGet devices
Next Topic: Calendar sync issues with Android OS
Goto Forum:
  

 ]

Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Sep 19 11:34:10 CEST 2018

Total time taken to generate the page: 0.93041 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.