Marketing Platform Incident: An update on where we are and where we are headed
Thank you to those of you who were able to join us today for the Town Hall we hosted for our Khoros Marketing customers. For those who missed it, I’d like to take a moment here to provide more color on the recent security incident, the decisions we made along the way, and how it informs the future.
Before we get into specifics, I want to share a couple of key Khoros tenets that shaped our actions:
- Our customers’ security and success is our TOP priority. Every action we’ve taken was in service of making sure our customers stay secure. Earning our customers’ trust, each and every day, is a core value at Khoros. We hold that trust sacred.
- We are absolutely committed to transparency. We worked hard to share what we could as soon as we were able. We know we have room for improvement here, and rest assured -- we will take our learnings to heart. Still, given the nature of the threat, please know that there were times when our silence was intentional as we worked relentlessly behind the scenes to contain the bad actor; communicating broadly could have exacerbated the activity. Once we had executed against our security protocols to protect all of you, we felt it was safe to start communicating broadly - and we have.
What happened?
On Monday, January 27, we helped a customer recover from a malicious attack on their social properties. On Tuesday, we became a target ourselves. We moved quickly upon identifying the intrusion and shut down access to the platform. We identified the issue -- a malicious actor had exploited a vulnerability in the password reset code -- and then set about executing a series of extensive security protocols to ensure the threat was thoroughly contained.
We realize this was a major inconvenience for you, but when we weighed the inconvenience against the scale of the threat to your brand, we put your security first.
Where do we stand now?
The Khoros Marketing platform, including the Social Marketing, Intelligence, Experiences, Vault, and Promotions products, is back online. The malicious actor accessed a very small number of accounts; the vast majority of our customers’ accounts were untouched. No passwords or PII were compromised in this attack.
The incident brought to light several opportunities to improve the security of our platform, and we have already rolled out changes to address many of them, including:
- We improved the password complexity and duration requirements in our systems.
- We performed extensive user list audits, and suspended login credentials that were not from a known, branded domain. We have worked with customers with suspended accounts to restore appropriate access.
- We delivered mandatory multi-factor authentication (MFA) across the Khoros Marketing solution.
We have engaged a third party to complete a penetration test of the entire Marketing platform, ensuring we have contained the threat. (Please know that we have conducted regular third-party pentests of our platform over the years, as many of you are aware.)
What’s next?
We are determined to use this incident to accelerate security and governance features as well as development of best practices -- which we can deliver to all of you. We invite you to join us on February 19th for a webinar dedicated to the Khoros Marketing product roadmap, where you’ll learn more about these enhancements as well as other exciting investments. Please register here.
We will continue to communicate with you through email, Atlas (where you can find the latest news on the Marketing blog), your Customer Success Managers, and through in-platform messaging to help you return to business as usual.
Finally, we are well aware that our decision to temporarily shut down Khoros Marketing disrupted your normal flow of business, and we are committed to making that right. All Khoros Marketing customers will receive compensation for your downtime, which we will credit to your account and deduct from a future invoice.
Living our values
Every company has values, the principles that guide their behavior, regardless of circumstance. Khoros’ values are:
- We listen, learn, and lead to help our customers succeed
- We win and grow as one team
- We earn trust through our actions and attitudes
This incident was a chance for Khoros to put our values into action, and while we hated to disrupt your day-to-day, I am proud of the work we did to keep you and your brands safe. My ongoing commitment is that we will continue to earn your trust and business through our actions, every day. Thank you for being our customer.