A vulnerability present in the customer relationship management (CRM) system of Interxion, a Netherlands-based provider of carrier and cloud-neutral colocation data centre services, has been exploited by attackers to access contact details of the company’s customers.
According to an email sent to affected customers, Interxion discovered in December that they have been breach – “despite the multiple levels of protection in place.”
The good news is that no financial information (credit card details) or sensitive customer has been accessed as it’s not stored within that particular system.
“We emphasise that this incident only affected Interxion’s CRM system and did not impact or involve any of the data centres or services that Interxion provides,” the company noted.
What was ultimately compromised? Some of the credentials for the CRM system, wich allowed the attackers to access some customer and prospect contact details – names, job titles, contact email addresses and phone numbers.
There is nothing affected customers can do about that, except be mindful of the fact that their contact details are now in the hands of potential cyber crooks, and can be used to mount extremely credible phishing and social engineering attacks.
According to information provided by the company spokesman, the vulnerability in question has been fixed, affected customers notified, and the relevant authorities informed.