Zimbra Forums Security Notice: September Incident & Action Required

Important message for all Shadow-Soft Zimbra customers subscribed to Zimbra forums notifications:

The forums on www.zimbra.com were recently the target of an attack in which the main forum page was defaced and some personal data was potentially compromised. The personal data that may have been compromised is limited to the following: email addresses registered to the forums, demographic data shared and real names given during the registration process, and passwords. The attack was limited solely to the forums; no billing data, credit card numbers, or any other personal data was compromised at any time.


This attack was due to a vulnerability found in third-party software used by Zimbra to run the forums on www.zimbra.com. As soon as the attack was detected, Zimbra took steps to block the attackers' access and placed the forums in maintenance mode to prevent further risk while they investigated and saved forensic data. Steps have now been taken to update the software to address the vulnerability that was exploited and to prevent similar incidents in the future. Zimbra security is also investigating the incident further to determine if legal action is necessary.


As a result of the exploit, some accounts may have been compromised and encrypted passwords received, posted, or changed by the attackers.  Zimbra has reset all passwords, and everyone with a forum account on www.zimbra.com will be required to go through the email verification process to reset their passwords and regain access to their accounts.


If there are any further questions, please contact forums@zimbra.com.



The Shadow-Soft Team
