European data center provider Interxion has warned its customers of a security breach that may have exposed information about more than 23,000 customers and contacts.
In December, an outsider gained access to Interxion’s customer database and ran a report listing up to 23,200 contacts, including names, job itles, email addresses and phone numbers. Interxion became aware of the breach and told its customers, in an email sent over the weekend from UK managing director Andrew Fray. The customer data was held in a customer relationship management (CRM) system, provided by a third party supplier.
No financial risk?
“No financial or other sensitive customer data was accessed, or is stored within this system,” said Fray. ”We emphasise that this incident only affected Interxion’s CRM system and did not impact or involve any of the data centres or services that Interxion provides.”
Fray says the breach was “temporary and localized”, and that customers don’t need to take any actions.
Interxion says the weakness is fixed, “Upon learning of this incident Interxion collaborated with our CRM supplier and has worked closely with our security team to ensure that all CRM information is secure,” he said. “Measures have been taken to address this specific vulnerability. We have also informed the authorities in all of the appropriate jurisdictions.”
The breach was reported by both Graham Cluley and The Register Cluley warns Interxion customers that the information could be used in phishing campaigns: ”If you do business with Interxion it would seem to me to be wary of any unusual communications you receive, and contact the company if you are in any way uncertain whether a communication from the firm is legitimate or not.”