[EN] 02/21/2023 - Security Notification: Detecting and Resolving an Unauthorized Access Attempt

Late yesterday (Feb. 20), we became aware of a potential unauthorized access attempt to one of our caching systems due to a malfunction in one of our firewalls. We responded immediately by taking action within minutes of discovering the problem to resolve it and implement additional measures to ensure the security of the system in question.

As part of our commitment to transparency, we would like to provide you with the following additional information:

The function of the cache system, as the name implies, is to temporarily store data used for web system processing. This includes storing data such as the basic configuration and basic texts of our external site, panel and main site, as well as quick information such as timestamps, booleans (1 / 0) and IDs, the vast majority of which are kept for only a few minutes.

We would like to highlight that these systems do not contain any sensitive data. We process this data without using the cache system. For the most sensitive data, we encrypt it completely until it is used to ensure its security.

Nevertheless, we have detected two core configuration values in the cache system data set that are at relatively low risk of being accessed. However, we want to take steps to enhance their security. This includes the following information:
  • Discord Integration Webhook Links: We have taken action by removing the integrations directly on Discord (so the old links no longer work). We invite you to recreate a Webhook link on your end. As of last night, these links are now saved with additional encryption to enhance their security.

  • RCON information of the old 7D and PZ integrations: this concerns about 20 integrations. If you are still using these integrations, we recommend that you make a preventive change to the RCON information. As with Webhooks, this data is now stored with additional encryption to ensure security. This does not affect the new Telnet/Rcon system, which uses secure storage and no caching.

It should be noted that this is the only information that needed to be reported and processed. Other data is considered public and/or not of particular importance, such as timestamps, booleans or internal identifiers.

In the coming days, we plan to implement additional improvements to enhance the security of our service. There may be some minor slowdowns as a result, but no service interruption is expected.

Our support is available for any question related to this topic, so do not hesitate! 🙂

Thank you for your understanding and trust,

The WizeBot team.