Blog

0.7 mins

HootSuite Responding to DoS Attack, User Data Secure

By Ryan Holmes | 4 months ago | No Comments

Security Masthead

This morning at approximately 6:45 am PST we experienced what’s known as a denial of service (DoS) attack. A malicious user attempted to flood our services with traffic in order to shut down the system.

While HootSuite users were for a short time unable to access the dashboard, service has now been restored, and no customer data was compromised. Only web traffic to the dashboard and mobile APIs was affected. HootSuite Engineering and Security teams were able to respond immediately, and are working with hosting providers to mitigate the impact of any future attacks.

DOS attacks are common, crude tactics used by hackers to temporarily disable websites. The security of our customers’ information is our highest priority. It was not put at risk today.

We understand that these malicious actions are frustrating to our users. We want to thank you for your patience and for your continued trust in HootSuite.

8 comments
Domenick
Domenick

Hello,

The twitter account for our business was hacked today and they posted a few inappropriate and graphic posts that we deleted and then changed our password. Is there a possibility that this was linked since we use Hootsuite to post to twitter? I just don't understand how else our password would have gotten out there and this is the first time anything like this has happened.

Scott at Kawntent
Scott at Kawntent

I suggest that your next article should be about how to protect your site from DoS attacks. Content marketing 101 :)

BatchHeader
BatchHeader

@dcorn66 That's so true.  You don't realise how much you rely on something until it is taken away.


Thanks to support for the update.

Brian Lovin
Brian Lovin

Thanks for updating us! Love the transparency and love HootSuite!!

jabrahams
jabrahams

Does anyone know if the DoS attack affected LinkedIn user profiles? We had three separate LinkedIn accounts connected to our HootSuite account and starting today, all three of them have been temporarily restricted by LinkedIn. Still waiting to hear back from LinkedIn support, but now that I see this announcement from HootSuite, I'm wondering if it's connected. Thanks.

DeborahCorn
DeborahCorn

One thing for sure, when its down, life SUCKS without Hootsuite! Thanks for everything Ryan and sorry your/our morning didn't start off with better news.

HootSuite_Help_Desk
HootSuite_Help_Desk moderator

@Domenick  Hello Domenick!

Thanks for reaching out to us! I'm sorry to hear that this happened to you. Please be assured that HootSuite does not save nor store your password. Entering it that one time is only necessary to be able to connect to the API and post via HootSuite.

Should you believe that someone may have access to your HootSuite account, I'd advise you to reset your password here: https://hootsuite.com/reset-password

If you have any further questions, please reach out to us by tweeting @HootSuite_Help Domenick!

Best regards,

Paige @HootSuite_Help - http://hootsuite.com/help

HootSuite_Help_Desk
HootSuite_Help_Desk moderator

@jabrahams  Hi there! Thanks for reaching out to us. My name is Paige and I'm happy to look into this with you.


This interruption in our servers should not have had an effect on your LinkedIn Profiles. To ensure that there are no broken or faulty connections causing this error, please try to:


1. Revoke HootSuite's access to your LinkedIn by clicking https://www.linkedin.com/secure/settings?userAgree and "Remove"


2. Once completed, please proceed to reconnect your LinkedIn in your HootSuite Dashboard by following all of these steps: https://help.hootsuite.com/entries/22866475-Reconnecting-Social-Networks#li


Should you see errors persist, please tweet us at @HootSuite_Help and we can troubleshoot further.

Best regards,

Paige @HootSuite_Help - http://hootsuite.com/help