Vendor of PhoneMondo was the victim of a cyber attack on January 2, 2025

Posted on 2025-01-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Short note for users and administrators of PhoneMondo. The developer, the German Scavix Software GmbH & Co. KG has been started inform customers that the company was victim of a cyber attack. The attackers were able to access a database of a test environment for the PhoneMondo cloud telephony software.

Advertising

German blog reader Heinz H. informed me about the incident by email (thanks for that) after he received the relevant information from PhoneMondo. The cyberattack was detected on January 2, 2024, when unknown persons were able to access the database in a test environment of the PhoneMondo cloud CTI software.

The Managing Director of Scavix Software GmbH & Co. KG assures that the productive environment is not affected and that the test environment does not contain any active or current data, but data from the usage history.

This means, however, that if someone was a customer of theirs and used PhoneMondo, their data (i.e. mainly e-mail addresses of customers, occasionally also associated names, postal addresses and telephone numbers of the customer or from the address book) may have been leaked. Below is the information that was sent to customers.

Dear Sir or Madam

We would like to inform you about a recently detected security incident in which previously unknown attackers have gained unauthorized access to the database in a test environment of our cloud CTI software PhoneMondo.

What happened?
Scavix Software GmbH & Co. KG has become the target of a cyberattack, which was discovered by us on 02.01.2025. In the incident, the attackers were able to gain unauthorized access to a separate database in the system environment that was used for the development and testing of new features of our cloud CTI software PhoneMondo. During the attack, the attackers had access to this database and it can be assumed that data from the database was downloaded by the attackers. As things stand, our production environment for PhoneMondo is not affected by this incident.

What data is affected by the incident?
The affected database does not contain any active or current data, but data from the usage history. The database mainly contained e-mail addresses of customers, occasionally also associated names, postal addresses and telephone numbers of the customer or from the address book.

What does this mean for you?
We assume that the attackers will not be able to cause any real damage with the (supposedly) stolen data. These are mainly e-mail addresses and similar contact data, which in themselves cannot easily be used for abusive purposes. However, this cannot be completely ruled out. After a cyberattack and the possible outflow of data, spam and so-called phishing emails can sometimes occur. Phishing emails are fake emails that pretend to be from a trustworthy sender and are intended to trick people into falling for a scam. Therefore, please be particularly vigilant in the coming weeks.

The attack is currently being forensically investigated by a specialized and certified IT security service provider. A criminal complaint has been filed with the police.

If there are any new findings in this incident, we will inform you as soon as possible. If you have any questions, please send an e-mail to datenschutz@scavix.de

We very much regret that this incident has occurred and thank you for your understanding.

Yours sincerely

Christoph Bünger
Managing Director

Advertising
This entry was posted in Security, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).