We would like to make you aware of an issue regarding customer support data. A sandbox customer support & success development environment containing a subset of our customer corporate contact information and support interaction data was inadvertently left accessible for a brief period of time. We investigated and rectified the issue immediately. We have confirmed that no customer-owned data was exposed.

Impact

This sandbox environment was being used to develop a new solution for customer experience. The sandbox data repository contained customer names, business contact information, support requests, in addition to customer support conversations. Again, we have confirmed that no customer-owned data was exposed.

Root Cause

Our investigation traced the cause to a developer error. The sandbox development data repository defaulted to a lower access security level and we failed to follow our standard security procedure to appropriately set the access control. To prevent this from happening again, we are rolling out stricter processes such as multiple levels of approvals and security reviews throughout the organization.

We apologize for this incident. We are very serious about safeguarding customer information, and this is clearly unacceptable to us. We are continuing to review the situation to improve our processes. We will update this blog if we find any new information.

Timeline of Issues and Mitigation