This week a cybersecurity company called Transmit Security, that focuses on providing corporate clients with tools to securely log users into different services, notified customers of a data breach at the firm. The breach impacted over a thousand email addresses, passwords, phone numbers, and other sensitive information.
The customer notification message says that a security researcher contacted some of Transmit Security’s customers on Monday and reported unauthorized access to the data, according to a copy of the message obtained by Motherboard.
Did you receive the Transmit Security breach notification? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on firstname.lastname@example.org, or email email@example.com.
“Based on information provided by the researcher it seems that the attackers gained access to NextCloud, a file sharing support-system through which Transmit distributes mainly binaries to customers,” the message reads. Transmit Security has shut down its NextCloud system in response, the message adds.
As well as the email addresses and personal information, the breach also impacted source code, binaries and emailed communications shared between Transmit Security and clients, the message adds. The message said that application and customer data from clients themselves is not affected.
Transmit Security did not immediately respond to a request for comment.
Transmit Security left stealth in 2017 with $40 million in self-funding.
Subscribe to our cybersecurity podcast, CYBER.