Incident Statement on Network Attack
Dear Channel Partners and Customers,
On Sunday, October 16, 2022, MDaemon Technologies became the victim of a ransomware attack. The attack impacted our on-site IT systems and website. Our cloud platforms and services were not impacted. Upon discovery of the attack, the network was isolated immediately, and critical systems recovery efforts were conducted. We enlisted the services of a third-party cybersecurity firm to oversee and assist with thorough remediation and incident response. Sanitization of all network and infrastructure components was conducted before the final recovery steps were taken.
The incident report and forensic review concluded that the attack was executed through a WordPress vulnerability. Although we were not actively using WordPress, its presence on our network was exploited. It is important to note that the attack did not occur from any email-borne threat and our email server and email security software products continue to provide customers with secure and reliable protection.
Because of the nature of Ransomware as a Service attacks, a motive of double extortion is possible where the attacker may seek to publish any information that may have been obtained on the dark web. During the forensic investigation, it was determined that limited customer information such as company name, address, email address, contact name, and phone number may have been acquired. Additionally, we have assumed that intellectual property such as licensing information and source code elements may have been obtained. In response, we will continue to maintain and advance the anti-piracy measures that validate licenses and authorize the use of our software products.
To ensure customer confidence, we performed security screening of all software install files and related files or documents that were previously distributed, conducted a full audit and scan of the digital signature of every installer file to validate the accuracy of each code-signing certificate, and audited the software source code database and software build processes to ensure that no malicious elements or objects were present at any stage during the software build process.
We continue to work with the cybersecurity firm on additional network protection measures as part of an ongoing comprehensive prevention strategy to minimize any impact of future attacks. We remain committed to taking all necessary steps to ensure ongoing confidence that using our email server and email security software remains as secure and reliable as it has for the past 25 years.
Should you have any questions or concerns, please contact us directly.
Questions can be directed to Kevin Beatty, VP Marketing, at firstname.lastname@example.org