Data breach incident-NewsRoom


Posted October 11, 2018 by EndoShred

We are currently working closely with Smartech to investigate how this incident transpired.

 
On Tuesday,27 December, our IT vendor Smartech solutions was alerted to an incident that involved a third party unauthorized entry into our server systems. An independent technology expert hired by us had brought the incident to our attention after being contacted by the third party involved. We have credible information that records of 7000 candidates from China, Switzerland and Estonia were accessed. We are confident that no data records from India, Australia and USA were downloaded. After a post-mortem verification of the nature and credibility of the risk, Smartech locked down access the affected server immediately to prevent further breach. The data accessed contained information that could potentially be used to identify candidates. The information includes among others, the first names, last names, email addresses, location, telephone numbers etc. Due to the nature of the data, it can be safely said that there is limited risk of fraudulent activity for those affected. We can also confirm that no other data has been compromised. All the candidates affected have been sent an email notifying about the breach and the level of information that was downloaded and accessed. We are currently working closely with Smartech to investigate how this incident transpired. We are also reviewing our security standards to look out for security loopholes that could be leveraged by cyber miscreants. We are in the process of adoption and implementation of security standards protocols and have hired independent cyber security specialists to coordinate with organization in the area of datat security and cyber forensics. We can assure you that we are working very hard to put appropriate measures in place to ensure that such incidents do not occur ever again. We are deeply disappointed that this breach occurred and wish to apologize to those affected. We request you all to rest assured that every option is currently being pursued to prevent recurrences of such unfortunate breaches that damages the reputation & credibility of our company and cause discomfort and inconveniences to our clients and business partners. While we do not believe that this incident was carried out with any fraudulent or malicious intent, we believe that we must equip ourselves from all sort of threats that bruises the company’s image. In this connection, we have already requested the third-party to destroy all copies of the data and they have confirmed that they have already done so. The third party concerned has also initiated an internal enquiry to find out the individual(s) responsible for the incident and the intention behind the act of unauthorized breach. We rest assured that the matter would be brought to a logical conclusion by the third party concerned, following due process and as per its own norms, practices and standards. Any candidates or clients concerned or directly or indirectly affected by the issue may contact the company to have the issue resolved at the earliest. We assure you that all steps would be taken to have the issue sorted out at the earliest. You may contact us via our company website with the subject line “27 December Data Breach Incident”.

Thank You
-- END ---
Share Facebook Twitter
Print Friendly and PDF DisclaimerReport Abuse
Contact Email [email protected]
Issued By EndoShred
Business Address Paper Shredding Company
http://www.endoshred.com/
Country United Arab Emirates
Categories Business
Last Updated October 11, 2018