Vimeo disclosed that an unauthorized actor accessed certain user and customer data through a breach at analytics vendor Anodot, though its internal systems and sensitive assets were not impacted. The incident, claimed by a threat actor tracked by Google Threat Intelligence, primarily exposed operational metadata like video titles and some customer email addresses. #Vimeo #Anodot
Keypoints
- The breach originated from third-party analytics vendor Anodot, not Vimeoβs internal systems.
- Unauthorized access exposed technical and metadata, including video titles and some customer emails.
- No Vimeo video content, user login credentials, or payment card information were accessed.
- Vimeo immediately severed Anodot integrations and disabled related credentials to contain the incident.
- The company engaged third-party security experts and notified law enforcement while the investigation continues.
Read More: https://securityonline.info/vimeo-anodot-data-breach-supply-chain-security/