Customer service solutions provider Zendesk, which provides software-as-a-service products related to customer support, sales, and other customer communications, has suffered a data breach when threat actors targeted its employees with an SMS phishing campaign.
At least one employee fell for the phishing attack that allowed the attackers to steal the employee’s credentials.
Last week, cryptocurrency trading and portfolio management company Coinigy revealed that Zendesk had informed them of the attack. According to Coinigy, several employees were targeted as the result of the campaign.
Zendesk discovered the data beach on January 12, 2023 after finding that service data belonging to the company’s account was in the logging platform data. Zendesk has not released a statement regarding the attack on its website.
Based on the available information, it is possible that the attack on Zendesk is related to a campaign named 0ktapus, in which a threat actor that appears to be financially motivated targeted more than 130 organizations between March and August 2022, including major companies such as Twilio and Cloudflare.
The 0ktapus attackers used SMS-based phishing messages to obtain employee credentials and victims included cryptocurrency companies.
This is not the first data breach disclosed by Zendesk. In 2019, the company revealed that it had become aware of a security incident that hit around 10,000 accounts.