Toronto, Ontario – March 26, 2020 – Data Deposit Box Inc. (the “Company”) (CSE: DDB, OTC Pink: DDBXF, Frankfurt: 2DD), a global provider of cloud backup and recovery technology reports on a data security breach that occurred in January 2020.
On January 5, 2020, Data Deposit Box was contacted and informed by a firm of ethical security researchers that they discovered log files from a limited number of customers that were being stored on an open third-party, cloud-based service. These log files contained diagnostic information used by the Company to troubleshoot the operation of its software running on its customers’ systems. The exposed log files primarily consisted of paths and filenames of the customers’ local file systems.
The Company immediately identified and addressed the system configuration vulnerability and verified that no other instances existed in the current environment. The Company enacted safeguards to protect user accounts and promptly notified affected customers. On January 6, 2020, less than 24 hours later, the issue had been completely resolved.
The Company has performed a thorough risk assessment of the data and determined that a total of 148 customers were affected. Based on the analysis to date, there has been no evidence that any information originally exposed has been misused. Importantly, no backed-up data belonging to customers was compromised. Customer data files were never at risk as it is stored in our facilities, not with third-party service providers.
In relation to this security incident, the Company has filed a PIPEDA Breach Report with the Office of the Privacy Commissioner of Canada.
Safeguarding customers’ information is essential to the Company’s mission and its role as a global provider of cloud backup and recovery technology. The Company recognizes the importance of effective cybersecurity and continuously implements additional safeguards and technical measures.
For More Information, Contact:
Neither the Canadian Securities Exchange nor its Regulation Services Provider accepts responsibility for the adequacy or accuracy of this press release.
FORWARD LOOKING STATEMENTS
This news release contains certain “forward-looking information” within the meaning of applicable securities law. Forward looking information is frequently characterized by words such as “plan”, “expect”, “project”, “intend”, “believe”, “anticipate”, “estimate”, “may”, “will”, “would”, “potential”, “proposed” and other similar words, or statements that certain events or conditions “may” or “will” occur. These statements are only predictions. Forward-looking information is based on the opinions and estimates of management at the date the information is provided and is subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those projected in the forward-looking information. For a description of the risks and uncertainties facing the Company and its business and affairs, readers should refer to the Company’s Management’s Discussion and Analysis. The Company undertakes no obligation to update forward-looking information if circumstances or management’s estimates or opinions should change, unless required by law. The reader is cautioned not to place undue reliance on forward-looking information.