We have contacted all customers potentially affected by this and ensured they have secured their systems. We are now closing this incident. If you have any concerns please contact your account manager directly or via team@simwood.com.
Posted Sep 20, 2021 - 16:38 BST
Update
A clarification that this a compromise of SIP credentials: host, user, password. This is not connected to portal logins
Posted Sep 19, 2021 - 20:53 BST
Monitoring
A fix has been implemented and we are monitoring the results.
Posted Sep 19, 2021 - 20:26 BST
Investigating
We have been investigating call fraud activity which, unusually, extends across more than one partner account. After exhaustive analysis of the affected extensions, we believe those targeted are where partners have provided credentials to a common handset distributor for pre-configuration. Affected partners have been contacted and instructed to reset passwords on all extensions for which credentials have been passed to the third party vendor, target numbers are blocked from the network, as are attacking IP addresses. Any partner noticing unusual activity on any of their extensions are advised to contact us as a matter of urgency for further advice, but when doing so please confirm the distributor you have used. For clarity, we have no belief or reason to believe that this stems from any kind of compromise of our own systems.
Posted Sep 19, 2021 - 20:25 BST
This incident affected: Hosted Services (Voice / SMS).