Author Topic: Major concern!  (Read 379 times)

Offline hax0rmort

  • Full Member
  • ***
  • Posts: 107
  • Karma: +9/-5
Major concern!
« on: March 31, 2017, 01:52:38 pm »
I received an email with a clickable link attachment from one of your associates from an official getvera email that I have recognized from the past.

it was BCC'd to me so I wasn't able to see the list.

I replied with a simple questions mark to the email and here is the reply I got:
----------------------------------------------------------------------------------------------------
"J-
11:44 AM (2 hours ago)

to me
Hello T-,
               The shipping department opened something they shouldn't have, please don't click on the link it's spam, it will send the same email out to all your contacts. Security measures have been reset so this will not continue.
Thank you for your patience and understanding. "
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
You're joking right, there was a breach like this and now your email servers are sending MALICIOUS links to your customers to STEAL THEIR PERSONAL DATA/PII or worse?


WHY WAS I NOT TOLD ABOUT THIS BEFORE?   AFTER THE EMAIL BREACH WAS NOTICED?   WHY DID I HAVE A MALICIOUS EMAIL from Vera In my box and no FOLLOW UP saying "DON'T CLICK, DISREGARD!" 

This is a HUGE,  MAJOR,  SEVERE security breach.   

What do you intend to do to safeguard my PII if If some action did in fact occur when the link is clicked. 

How many malicious emails have been sent from your servers to date regarding this unique incident?

How many of your customers have been notified.  I have family that uses Vera now too, I think I ought to let them know about the email, it shouldn't be coming from me.  Right guys?


Your own department was notified at a minimum.  You'll protect your own employees but what about the customers?  Who does something like this get reported to?  Do we (customers) have rights extrinsic to Vera Ltd if you do nothing in a breach like this?

Please advise, ASAP!


V/r,

T-
concerned user
--


-Sent from NSA_VAN6
(LE: edited names)
« Last Edit: April 12, 2017, 10:05:32 am by John M. »

Offline John M.

  • Administrator
  • Full Member
  • *****
  • Posts: 245
  • Karma: +20/-2
    • getvera.com
Re: Major concern!
« Reply #1 on: April 12, 2017, 10:00:48 am »

Hi Tim & all,


Our users security is paramount to us and as a follow up to this isolate incident, we raised even more the security bar, to make sure such a thing will not happen in the future.
In the past week since the incident we've gone through extensive revamps of our security measures.


During our security assessment and investigations we concluded that only a very small fraction of users have been affected. Basically only the users that have been in direct contact with one specific shipping employee.


We followed up as soon as we could, given our preliminary internal investigations were still in progress, to warn the affected users, but it happened that you've replied just before that.


We deeply regret the situation and promise this will not happen again. Thank your for understanding.


As always, should you have any questions, comments, or concerns, please email us at support@getvera.com.
« Last Edit: April 12, 2017, 10:03:55 am by John M. »
John.M. ▾ Senior Customer Care Advocate
Vera Control, Ltd. ▾ Smarter Home Control  ▾ support@getvera.com ▾www.getvera.com ▾ +1 (866) 966-2272

HOURS OF OPERATION (Pacific Time Zone, UTC -8 )
Monday - Friday   12:00 am ? 06:00 pm
Saturday - Sunday   04:00 am ? 06:00 pm