Maplesoft is investigating a security breach of its administrative database that took place on July 17th, 2012. As a result of the breach, the perpetrators gained access to some email subscription data, including email addresses, first and last names, and company and institution names. Any financial information held by Maplesoft remains secure, and has not been affected by this security breach.
The perpetrators appear to be using email addresses they have taken from the database to spread viruses or malware. The perpetrators are posing as Maplesoft in an attempt to have individuals they email click on a link or download a malicious piece of software. Recipients should not respond to these emails and they should not open any attachments or click on any download links. These emails should be deleted immediately. Maplesoft discovered the security breach after some of Maplesoft’s customers received what appeared to be a spam email. Notification of the spam email was then immediately posted on the Maplesoft website. Upon investigation by Maplesoft’s IT staff, the security breach was discovered and Maplesoft took immediate corrective actions to stop the breach and prevent further unauthorized access to Maplesoft’s databases. All of the individuals affected by the security breach have been alerted by Maplesoft directly.
“Maplesoft takes the security of our customers’ and contacts’ personal information very seriously. We are in the process of notifying all individuals whose information may have been compromised,” said Jim Cooper, CEO of Maplesoft. “We have locked down our systems to prevent further unauthorized access and we are reviewing our security practices and procedures to help ensure this does not happen again.”
“We deeply regret any inconvenience or concerns that this situation may cause our contacts and customers,” added Cooper.
Maplesoft has setup a webpage, www.maplesoft.com/security, where concerned individuals can review the most up-to-date information related to the breach. Customers and contacts with questions or concerns can contact Maplesoft Customer Service directly at 519-747-2373. Full Maplesoft contact details, including international contact numbers, are available here: www.maplesoft.com/contact
| Timeline: |
**All times listed below are in Eastern Daylight Time.
|
| July 17, 2012 |
| 1:00 pm |
Maplesoft began receiving inquiries into Customer Service about a fraudulent patch email being sent. |
| 1:30 pm |
Maplesoft started an investigation. |
| 2:40 pm |
While we were investigating the origins of the email, we posted a warning on our website support area to prevent contacts from downloading the “patch.” |
| 4:00 pm |
At this time, we realized the scale of the SPAM emails based on incoming inquiries. |
| 5:10 pm |
We began sending an email communication to those we believed were receiving the fraudulent emails, warning people not to download the “patch.” |
| 6:00 pm |
Maplesoft confirmed a security breach and began immediate lockdown of systems. |
6:00 pm to morning of
July 18th |
Maplesoft continued its investigation to determine the extent of the breach. |
| |
|
| July 18, 2012 |
| 8:00 am |
A new warning was posted to the Maplesoft website support area notifying of alternate email text in the fraudulent emails being sent. |
| 9:00 am |
Maplesoft notified legal authorities and began preparing a detailed notification for all affected contacts. |
| 1:45 pm |
A security breach statement was posted on the Maplesoft website, including notification on the Maplesoft homepage. |
| 1:55 pm |
We began sending email communications to all those affected, notifying them of the security breach. |
| |
|
| July 19, 2012 |
| 12:45 pm |
We posted an updated to the Maplesoft website with information about the type of virus being fraudulently sent to Maplesoft contacts and advice on how to delete the virus from infected computer systems. |
| 12:45 pm |
To further answer questions about this situation, we have posted a full timeline to our website. |
|
| Answers to Common Questions |
In response to questions we have received from the public, we would like to highlight two important facts:
1. There has been no breach of account logins, passwords, or credit card data. What was taken was email subscription data that included only email addresses, and in some cases, first name, last name, and company or institution names.
2. What has been compromised is a partial email subscription list, not our customer database. The data taken includes older subscription data, which means a significant portion of the list is dated and many of the email addresses are invalid. |
| Important Notice: |
UPDATE July 19th at 12:45 EST
We have determined that the attachment in the spam email was a virus.
Depending on the antivirus client used it will be identified by one of these names: Zbot, ZeroHour, or Zeus.
Most up to date antivirus scanners should detect and clean the threat. We have tested and can confirm that the following scanners will remove the threat:
• Microsoft Security Essentials
• AVG
• Norton 360
UPDATE July 18th at 08:00 EST
A second version of the message has been reported. Recipients of this message are provided a link which directs users to a location with the domain maple-soft.com. Please be advised that this domain is not controlled by Maplesoft and the link should not be clicked under any circumstances. As originally posted, please contact Maplesoft Customer Service if you have any questions or concerns.
POSTED July 17th at 14:40 EST
Some Maplesoft users have been receiving emails that indicate a new patch for Maple software is available. Recipients of this message receive an attachment called Maple_Patch.zip which they are asked to extract using the password MapleSecuirityUpdate1707. Please be advised that this patch did not originate from Maplesoft and should not be opened under any circumstances. Maplesoft is currently investigating further. Please contact Maplesoft Customer Service if you have any questions or concerns |
|
