IT incident at music plug-in maker Sound Radix: Nearly 300,000 accounts leaked
At the Have I Been Pwned project, you can check if your own email address is part of the data leak at VST plug-in manufacturer Sound Radix.
(Image: heise online / dmk)
The Have I Been Pwned project has newly added around 293,000 email addresses. These originate from a data leak at music plug-in manufacturer Sound Radix.
In emails to customers and on its website, the company Sound Radix shares details about the data leak following an IT attack. “We recently discovered that an unauthorized third party gained access to our external customer support platform (Freshdesk),” Sound Radix explains there. The attacker(s) accessed the account of a support employee and sent fraudulent emails from it. These display “Eviivo Support” as the sender name and “bnc@soundradix.freshdesk.com” as the email address. The company advises recipients to delete emails from this address immediately.
When Sound Radix became aware of the unauthorized access, the company immediately protected the affected account and implemented further security measures. The investigation of the incident revealed that unauthorized access to names and email addresses of users who had been in contact with technical support was possible. There are ambiguous indications that unauthorized access extended beyond the support platform and included names, email addresses, and password hashes from the larger user database.
Data Leak: Financial Data Not Affected
Sound Radix emphasizes that sensitive financial data, such as credit card information, was not accessible. The Have I Been Pwned project (HIBP) received information about the incident from Sound Radix and has added the approximately 293,000 affected email addresses to the data dump of leaked accounts.
Videos by heise
At HIBP, customers who have purchased Sound Radix plug-ins can enter their email address to check if they are affected. Phishers can misuse the information that plug-ins for music production were purchased with the address to send more credible scam emails.
Such IT incidents are now observed daily. At the beginning of the year, for example, the European Space Agency ESA fell victim to a data leak. The tactic is now observed more frequently, whereby cybercriminals gain access to support systems and the customer data stored there through phishing; in mid-2023, Salesforce users in particular were the focus of such campaigns.
(dmk)
