No announcement yet.

Notice of Data Incident: September 3, 2020

  • Filter
  • Time
  • Show
Clear All
new posts

  • Notice of Data Incident: September 3, 2020

    Notice of Data Incident: September 3, 2020

    Dear ACDSee Forum User,
    You may have heard reports recently about a security issue involving our ACDSee User Forum. We want to make sure you have the facts about what happened, what information was involved, and the steps we are taking to protect you.

    What happened?
    On August 13, 2020, we became aware of a technical issue with our user forum websites. Our IT staff investigated and discovered that there was a problem in the vBulletin software we use to host our user forums. We immediately disabled our forums and took them offline while we investigated the situation. By the end of the day, we had restored the system and data from backup, applied the suggested bug fix, and improved the default security settings. The forums were then put back online and made accessible to our users. At that time, we knew there had been a system failure and data loss but we were unaware there had been a theft of data. However, on September 2, 2020, we became aware that personal data stolen from ACD Systems was being made available online.

    What Information was involved?
    The breach only exposed forum users? email addresses, first names, last names, and IP addresses. Account passwords were encrypted and were not compromised. This breach was limited to just our user forums. No financial information was exposed and your acdID account was not affected by this incident.

    What We Are Doing?
    While this incident did not reveal your password, we always suggest that you implement unique strong passwords and change them on a regular basis to keep your accounts as safe as possible. It is recommended that you do not use the same password on your accounts on different services. Our dedicated team continues to work diligently to ensure that the information you entrust to ACD Systems remains secure.

    For More Information
    If you have any questions, please contact our Privacy team at [email protected].

  • #2
    Originally posted by mcosgrove View Post
    The breach only exposed forum users? email addresses, first names, last names, and IP addresses.
    How could first name and last name be stolen?

    AFAIS the sign up form of vBulletin doesn't ask for these details. However, the sign up form asks for aditional contact info like AIM or ICQ addresses, which are presumably stored in the stolen vBulletin database too.

    Or, did the hackers steal acdid details too, possibly including software registration details?


    • #3

      acdID was not affected. ACD Systems is not aware of any acdID accounts being compromised.

      But if you used the same password on the ACD Forum and acdID, I suggest you change both your Forum and acdID passwords. Regardless, probably a good idea to change your passwords anyways.

      First and Last name was only breached if you provided a first and last name when you signed up to the ACD forum.