What happened:
At around 05:00 (GMT) on 24th September 2022, one of ClickASnap’s databases was breached during a malicious hacking attack.
What was released:
User emails and hashed passwords were stolen from one of our databases and released. No other personally identifying information was stored or stolen.
Please note that we do not store any payment information of our members, as this is handled by secure third party payment processors.
Why did this happen?
A page titled ‘info.php’, which contained login credentials to our servers was left open on a public IP address. These credentials were then used to access a database, which had also been left open to the public.
What steps have we taken to address this?
Although it is impossible to guarantee that any website will be entirely safe from hackers, we of course terminated our relationship with the developers whose gross negligence led to this attack.
We are working with a reputable company Blue Frontier, who have handle NHS (UK health services) and military contracts. This new website will be built to best practice standards as a minimum by Blue Frontier.
Alongside this, the company is currently implementing ISO 27001 as a base standard for our cyber security, to ensure the correct processes are in place to prevent this from happening again and to keep our members and their information safe.
Please be assured that your security and safety on our platform is paramount to us and we continue to strive towards stringent security measures across our platform to protect you.
If you have any further questions, please do not hesitate to reach out to us.