Free Trial

Language switcher

–Hidden comment

Use attributes in format region_from and region_to= to change the languages showing in language switcher.
Available regions are:
europe_from europe_to
asia_from asia_to
mideast_from mideast_to
america_from america_to

Example:
europe_from=0 europe_to=22 will put all languages (ordered in language switcher settings) from 1 to 21 to Europe region:
asia_from=22 asia_to=25 will put all languages from 23 to 24 (so only 2) into Asia region.

security lines
News Support

Security incident recap: What happened & what’s being done to prevent it in the future

Andrej Csizmadia

Andrej Csizmadia

Last modified on April 22, 2021 at 5:10 pm

On May 3rd, 2020, at approximately 03:00 am (UTC +2), a remote attacker managed to exploit a critical vulnerability in a 3rd party system that is a crucial part of LiveAgent’s infrastructure.

Incident summary

The attack investigation lasted approximately 16 hours to ensure our customer’s data was safe. There’s no indication that the customer’s data was exploited, tampered with, or leaked. According to our insights, the attacker’s goal was to mine cryptocurrencies. 

After the attack was confirmed, our support team immediately shut down most of our servers to prevent any further data vulnerability. The issue was escalated to system admins, as well as top management, and immediate steps were taken to mitigate the attack.

Attack mitigation steps

The following steps were taken to mitigate the attack:

  • Access to Salt masters was limited by firewall rules
  • Patches provided by SaltStack and additional custom patches were applied

Preventative actions

To ensure that an incident like this won’t happen again, our teams implemented:

  • Additional monitoring to identify and patch similar vulnerabilities
  • Complete review and improvement of internal emergency  procedures to ensure a faster reaction time
  • Additional layers of protection to reduce a hacker’s ability to maneuver as they work their way through different levels of defense mechanisms

FAQ

Is it correct that according to a GDPR, there were no break of rules regarding to a personal data?

Yes, there were no break of rules in terms of GDPR. If it was a case we would have already informed a relevant government office.

We apologize

We apologize for any inconvenience this attack may have caused for your business. We appreciate your patience and understanding and hope to make it up to you with years of excellent service.

Andrej Csizmadia

Andrej Csizmadia

Growth Marketer

Andy is Growth Marketer at LiveAgent. Previously, he studied International Relations and Business Diplomacy and was active as a volunteer in the world's largest student run organization, AIESEC. Running, music and reading books are his favourite free-time activities.

Our website uses cookies. By continuing we assume your permission to deploy cookies as detailed in our privacy and cookies policy.