Important customer notice requiring your action

A very small number of our customers have received emails, apparently from a so-called ‘ethical hacker’ , notifying them of a limited security breach to their Monika systems. They have penetrated our user data covering usernames, passwords, contact numbers and email addresses. Fortunately, personal data stored on the on the Monika software is limited to these attributes only. Their email claims that “we do not intend to use this data” and while we have no reason to disbelieve this we must accept that it may not be the case. Even if you have not received an email listing the usernames and contact details we recommend that you alert all users to this possibility.

In response to this we took immediate action and have closed vulnerable ports and changed the database superuser password to preserve data integrity should root access have been achieved. We are advising the ICO of the breach in line with our legal requirements.

Cyber security is an ongoing top priority for Monika. We continue to track developments in penetration methods and build defences. We are now working to speed release the latest cyber protection encryption methodologies. This update was already planned and in response to this incident our team has been working overnight to achieve the fastest possible deployment to all customers. This is a minor update which will not affect the database and will be deployed quickly, securely and without disruption.

In the meantime, your Monika software will continue to run. However, you will not be able to log into the Web client or your Smart PA’s, so you may wish to revert to manual record keeping until you are notified that the update is complete. All users will then be required to reset their passwords the next time they log in.

We sincerely apologise for any disruption and inconvenience caused and assure you that we are doing our utmost to restore full service as soon as possible. If you have any questions, please contact customerservice@monika.com