Early this morning our security team observed unusual activity on GetThru’s servers. Upon investigation, it was identified that a large-scale automated attack was underway with the goal of fraudulently compromising our login page.
As a result of this attack, a very small number of user accounts were compromised, due to weak passwords, which could allow the attackers access to associated client accounts. While it is very unlikely this resulted in any malicious activity within those client accounts, we have taken rapid and aggressive steps to ensure the security of our application.
The following security measures were enacted:
- The temporary prevention of any further login attempts while we implemented mitigations.
- Enabling stricter firewall rules to reduce the scope of the attack.
- Removal of the compromised users' access to their associated client accounts.
- Immediately requiring Multi-Factor Authentication on all user accounts until further notice. Instructions for completing that process can be found here.
- Enforced log-out of all currently logged-in users.
- Instituting forced password resets for all user accounts.
We take the security of our clients and their data very seriously and will be instituting further security measures to prevent this type of attack in the future. Users can protect themselves by always using strong passwords.
We apologize for any inconvenience associated with these new security measures. If you need any assistance with implementing MFA or resetting your password, please reach out to our Support Team at email@example.com.
The GetThru Team