
Flood.io Security Breach - humbfool2
https://status.flood.io/incidents/gsw7vx8cqxk5
======
nickpresta
Here is the full email:

==EMAIL STARTS HERE==

Hello,

You may have seen an incident reported recently regarding a security breach at
Tricentis Flood. We want to provide preliminary information about what has
happened, what information was involved, and what steps we are currently
undertaking to help protect you.

What Happened?
---
On 21 June 2020, automated systems detected a security breach of services
provided by Tricentis Flood. We took immediate action to contain the breach and
have since been carrying out further investigation, remediation and
notification measures. The incident is reported on our Flood incident status
page:
[https://status.flood.io/incidents/gsw7vx8cqxk5](https://status.flood.io/incidents/gsw7vx8cqxk5)

This incident is also closely related to last week's strategic cyber attacks
on Australian authorities and businesses:
[https://www.abc.net.au/news/2020-06-19/foreign-cyber-hack-targets-australian-government-andbusiness/12372470](https://www.abc.net.au/news/2020-06-19/foreign-cyber-hack-targets-australian-government-andbusiness/12372470)

We believe the purpose of the attack was to steal customer data and
credentials that allow Flood to orchestrate load testing infrastructure for
customers through third-party cloud providers. These credentials are used by a
subset of Flood customers who utilize our 'hosted' grid infrastructure.

What Information Was Stolen?
---
Potentially a cryptographic hash of your password has been obtained. While we
use an irreversible hashing algorithm based on Bcrypt, we have already
scrambled your password as a precaution. This means if you use username and
password authentication to access Flood, you will need to reset your password.

Additionally, the API token that you use to programmatically access Flood may
have been revealed. We have already rotated all users' API tokens to prevent
unauthorized use.

The following specific user information may have been obtained from your
account:
- This email address
- Your first name
- Your last name
- Your nickname
- Your company size
- Your employee role

Potentially the following specific account information has also been obtained:
- Your account name
- Your suburb
- Your state
- Your country
- Your postal or zip code

Next Steps
---
We cannot determine if any customer test data you have provided to us, in the
form of test plans and supporting test data, has been obtained from your
account. However, we are working on the assumption this has occurred. We will
be introducing changes to the way we manage customer test data through the
provision of configurable storage soon. This means we will be taking an
alternative approach to persisting and encrypting customer test data. We do
not plan to migrate any customer test data provided to us before this
impending change.

We will release another notice to account owners via email and our status page
when this change is made. We will also provide a way for you to obtain your
test data, including the option to destroy it permanently.

We will be providing a detailed post-mortem of this incident at our blog, once
we have completed these steps.

For More Information
---
For status updates regarding this incident, please subscribe to updates on
[https://status.flood.io](https://status.flood.io)

If you have any questions, please feel free to contact our team at
support@flood.io

Thank you for your patience and support throughout this challenging issue.

==EMAIL ENDS HERE==