AvidXchange Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In April 2023, AvidXchange, a financial software company, discovered a data breach during routine security monitoring. The breach involved unauthorized access to the company's network and the removal of certain files containing confidential information. AvidXchange notified affected individuals in October 2023. The incident, which began in March 2023, potentially exposed thousands of customers' financial account information.
How many accounts were compromised?
The breach impacted data related to nearly 7,000 individuals.
What data was leaked?
The data exposed in the breach included names, Social Security numbers, financial account numbers, credit and debit card numbers, and account passwords.
How was AvidXchange hacked?
Unauthorized access to AvidXchange's network led to the removal of files containing confidential consumer information. The breach was discovered during routine security monitoring, but the specific methods used by the hackers remain unclear. In response, AvidXchange has taken steps to secure personal information and offered identity theft protection services to those impacted.
AvidXchange's solution
In response to the hacking incident, AvidXchange implemented several measures to enhance its security and prevent future breaches. These measures included resetting all company-wide passwords, implementing additional logging and process restrictions, adding conditional access policies, and establishing separate, cloud-based user accounts. The company also introduced enhanced security protocols such as duo-factor authentication and ensuring logins come from known, trusted sources. While the removal of malware and backdoors remains unclear, AvidXchange has taken significant steps to secure its platform and protect its customers' information.
How do I know if I was affected?
AvidXchange has notified customers believed to be affected by the breach. If you're an AvidXchange customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial accounts and credit reports for any suspicious activity. Report any unauthorized transactions to your financial institution immediately.
For more specific help and instructions related to AvidXchange's data breach, please contact AvidXchange support directly.
Where can I go to learn more?
If you want to find more information on the AvidXchange data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
AvidXchange Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In April 2023, AvidXchange, a financial software company, discovered a data breach during routine security monitoring. The breach involved unauthorized access to the company's network and the removal of certain files containing confidential information. AvidXchange notified affected individuals in October 2023. The incident, which began in March 2023, potentially exposed thousands of customers' financial account information.
How many accounts were compromised?
The breach impacted data related to nearly 7,000 individuals.
What data was leaked?
The data exposed in the breach included names, Social Security numbers, financial account numbers, credit and debit card numbers, and account passwords.
How was AvidXchange hacked?
Unauthorized access to AvidXchange's network led to the removal of files containing confidential consumer information. The breach was discovered during routine security monitoring, but the specific methods used by the hackers remain unclear. In response, AvidXchange has taken steps to secure personal information and offered identity theft protection services to those impacted.
AvidXchange's solution
In response to the hacking incident, AvidXchange implemented several measures to enhance its security and prevent future breaches. These measures included resetting all company-wide passwords, implementing additional logging and process restrictions, adding conditional access policies, and establishing separate, cloud-based user accounts. The company also introduced enhanced security protocols such as duo-factor authentication and ensuring logins come from known, trusted sources. While the removal of malware and backdoors remains unclear, AvidXchange has taken significant steps to secure its platform and protect its customers' information.
How do I know if I was affected?
AvidXchange has notified customers believed to be affected by the breach. If you're an AvidXchange customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial accounts and credit reports for any suspicious activity. Report any unauthorized transactions to your financial institution immediately.
For more specific help and instructions related to AvidXchange's data breach, please contact AvidXchange support directly.
Where can I go to learn more?
If you want to find more information on the AvidXchange data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
AvidXchange Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In April 2023, AvidXchange, a financial software company, discovered a data breach during routine security monitoring. The breach involved unauthorized access to the company's network and the removal of certain files containing confidential information. AvidXchange notified affected individuals in October 2023. The incident, which began in March 2023, potentially exposed thousands of customers' financial account information.
How many accounts were compromised?
The breach impacted data related to nearly 7,000 individuals.
What data was leaked?
The data exposed in the breach included names, Social Security numbers, financial account numbers, credit and debit card numbers, and account passwords.
How was AvidXchange hacked?
Unauthorized access to AvidXchange's network led to the removal of files containing confidential consumer information. The breach was discovered during routine security monitoring, but the specific methods used by the hackers remain unclear. In response, AvidXchange has taken steps to secure personal information and offered identity theft protection services to those impacted.
AvidXchange's solution
In response to the hacking incident, AvidXchange implemented several measures to enhance its security and prevent future breaches. These measures included resetting all company-wide passwords, implementing additional logging and process restrictions, adding conditional access policies, and establishing separate, cloud-based user accounts. The company also introduced enhanced security protocols such as duo-factor authentication and ensuring logins come from known, trusted sources. While the removal of malware and backdoors remains unclear, AvidXchange has taken significant steps to secure its platform and protect its customers' information.
How do I know if I was affected?
AvidXchange has notified customers believed to be affected by the breach. If you're an AvidXchange customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial accounts and credit reports for any suspicious activity. Report any unauthorized transactions to your financial institution immediately.
For more specific help and instructions related to AvidXchange's data breach, please contact AvidXchange support directly.
Where can I go to learn more?
If you want to find more information on the AvidXchange data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions