Kaseya was alerted to a security vulnerability through a presentation at New Zealand's hacker conference, Kiwicon 6, this past weekend. Details of the attack were not disclosed but a demonstration of the attack was shown. Kaseya has tried contacting the presenter, who goes by "Cartel", but have not received any response as yet.

However, Kaseya has successfully reproduced the attack and will release a hotfix to all customers today.

Kaseya always welcomes hearing directly from anyone who thinks they have found a hole, or have shown an exploit (as in this case), or is just worried about security of our system. We take this extremely seriously and drop everything to re-mediate the problem as soon as we hear of it. Typically we get a patch out within a day or two as is the case here.