Whats up,
We’re writing to tell you of a safety incident. On account of a two-factor authentication (2FA) misconfiguration on an worker’s account, an unauthorized person gained entry to sure Zapier code repositories. Usually, this could not impression our clients. Out of an abundance of warning, we audited the contents of the repositories, and we discovered that in remoted cases, sure buyer data had been inadvertently copied to the repositories for debugging functions.
We turned conscious of unauthorized entry to the affected repositories on Thursday, February 27, 2025 (2025-02-27 09:38:48 UTC). As soon as we turned conscious of the problem, we instantly secured entry to the repositories and invalidated the unauthorized person’s entry. This incident didn’t have an effect on any Zapier database, infrastructure or manufacturing, authentication, or cost methods.
In our audit, we discovered {that a} subset of your knowledge was included in a repository and will have been accessed by the unauthorized person. Here’s a safe hyperlink so that you can entry a replica of your impacted knowledge.
Please overview this knowledge, and take acceptable actions, which can embody rotating any legitimate plain textual content authentication tokens that will have been utilized in locations similar to code, or webhook step configuration which had been discovered within the impacted knowledge. Notice that your Zap/App authentication tokens weren’t impacted by this incident. We additionally advocate that you just overview safety settings in your Zapier account and your different on-line apps, together with activating 2FA the place out there.
We’re conducting an intensive audit and remediation of our inside processes to make sure this doesn’t happen once more for you or different clients.
When you have any questions, please be happy to succeed in out by utilizing our contact kind at https://zapier.com/app/get-help or by responding to this e mail. We’re standing by for any additional help you would possibly want.
Sincerely,
Zeeshan Khadim
Head of Safety