This token data could be exploited to review and/or modify Umbrella/OpenDNS configurations and view event history. After a comprehensive log review, we determined that a limited number of unauthorized users may have viewed log events that included the Dynamic IP Updater API Token. Upon notification, access to the Umbrella/OpenDNS diagnostics site was immediately disabled and Cisco confirmed it is no longer publicly accessible. Cisco is committed to transparency and this communication provides further detail about this incident along with further instructions. We immediately disabled public access to the site and determined that some log events within the Dynamic IP Updater system were partially visible between Maand April 13, 2020.Īs a precaution, we have taken steps to help protect the security of your account and your action is required to restore full functionality. On 13 April 2020, Cisco became aware that an Umbrella/OpenDNS diagnostics site was publicly accessible. Please see the bottom of this message for account information we have on file. If an administrator contact was available, they are in the CC line of this email. You are receiving this notice as, according to our records, you are a user of the Cisco Umbrella/OpenDNS “Dynamic IP Updater” software. Here is the content of the email: Umbrella/OpenDNS Dynamic IP Updater Data Incident Notification
0 Comments
Leave a Reply. |