Blog Post

Release Notes
2 MIN READ

ACCESS RESTORED: Khoros Social Marketing, Intelligence, Experiences

JustinC's avatar
JustinC
Khoros Alumni (Retired)
5 years ago

Access to Khoros Social Marketing, Intelligence and Experience products has now been re-enabled. Our mobile app, Vault, and Promotions are still suspended. Users who reset their Khoros Marketing Platform in the past 48 hours (as of this notice) will need to create a new password. 

For further context on the incident, as you know, Khoros Marketing platform access was shut down on Friday evening (CST) due to renewed suspicious activity. Our investigation confirmed that, as a result of an aggressive phishing attack, a malicious third party gained credentialed access to our platform. It appears to have been the same bad actor who attacked our system last week -- a coordinated, aggressive, and malicious third-party organization. We acted swiftly to contain the bad actor’s reach, and the attack was limited to two customers. Those customers have been notified. 

Given the aggressive and persistent nature of the phishing attacks from a 3rd party, we took action to mitigate future risks before restoring access to the platform. We have done our best to be transparent with you about the incident and our actions, however we cannot disclose the exact security measures taken in the interest of protecting the platform’s integrity. 

Please note: phishing attacks are not prevented by Multi-Factor Authentication if a user’s email is compromised. As such, we ask you to partner with us in reviewing the users with access to your account, and review processes to ensure safety measures are being taken. We encourage all users to remain vigilant against social engineering and phishing tactics.

We will continue to communicate with you through status.khoros.com, email, Atlas (where you can find the latest news on the Marketing blog), your Customer Success Managers, and through in-platform messaging to help you return to business as usual. 

We appreciate your continued patience as we work diligently to bring all products within the Marketing platform back online securely. 

Updated 6 months ago
Version 3.0
  • I wanted to pass along a reminder to everyone on recommended steps as you come back to work in Social Marketing. Below are some quick resources to review as you get back to business.

    Recommended Steps for Company Admins:

    • Re-authenticate any de-authorized Social Accounts in your Initiatives by following the steps found in this article.
    • It is not expected that any post will publish without your direct action. Publishing across your account has been paused. All scheduled posts are available but will show a Failure to Publish error until you reschedule or approve. You should examine your content Calendar to reschedule or remove posts as needed, until you are ready to un-pause publishing. 
    • Steps for un-pausing publishing can be found in this article. Only user roles with permission to administer an initiative can unpause publishing. 

    You can review the prior instructions for reenabling your Khoros Social Marketing Instance here.

    Notice: If you have already completed a user review, you do not need to do this again.