Zapier says someone broke into its code repositories and may have accessed customer data
1 min read
Summary
Automation platform Zapier has warned customers that an “unauthorized user” had accessed certain code repositories and may have accessed customer data that had been copied to them.
The incident did not affect databases, infrastructure, authentication or payment systems and the company had invalidated the hacker’s access and secured the repositories, it said.
Customer data had been inadvertently copied into the repositories for debugging purposes, according to the company’s head of security in an email to customers seen by The Verge.
The company has also admitted that a mistake in the setting up of 2FA had allowed the unauthorised access.
As a result, it’s reviewing internal processes to avoid further incidents.