Incident Of The Week: Typeform Data Breach Impacts Customer Base

Online Survey Co. Warns Of Unauthorized Access



Dan Gunderman
07/06/2018

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. Cyber Security Hub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a data breach at Typeform affecting an unknown number of customers.

Typeform, a Barcelona-based online software as a service (SaaS) company specializing in form building and surveys, said it detected the breach on June 27, 2018.

In a statement on its site, Typeform said, “Our engineering team became aware that an unknown third party gained access to our server and downloaded certain information. As a result of this breach, some data was compromised. We responded immediately and fixed the source of the breach to prevent any further intrusion.”

Typeform’s clients are businesses that use the software to build out surveys and quizzes. Each business may collect data, en masse. So, affected providers will need to independently contact customers.

See Related: Incident Of The Week: Ticketmaster U.K. Data Breach Impacts 40K

According to Naked Security, some companies have already issued alerts over the breach, including: the Tasmanian Electoral Commission, British prestige brand Fortnum & Mason, digital bank Monzo and food maker Birdseye.

Typeform said it remedied the apparent cause of the breach within 30 minutes on June 27. Since, the company said it has “been performing a full forensic investigation of the incident to be certain that this cannot happen again.”

The company wrote that the risk of reoccurrence is “deemed low enough to send out this communication.”


Accessed data reportedly came from a “partial backup dated May 3, 2018,” the statement reads. Typeform said results collected after that date are safe.

Clarifying the extent of the breach, Typeform wrote that an attacker accessed data and downloaded it from their servers. They continued: “This means that the attacker has partial data you collected prior to May 3.”

The company opted to list what is not affected by the breach. That includes: subscription payment information, account password, data collected since May 3 and data collected via the “Stripe integration.”

See Related: Incident Of The Week: Data Breach Touches Highest Levels Of Australian Govt.

The Spanish company says that it has initiated a comprehensive review of its system security and identified the source of the breach.

It wrote: “As a data collection company, maintaining the security and privacy of our customers’ data is our top priority. We will continue to take significant measures to prevent this type of situation from happening in the future, including a full-scale review of our security.”

Typeform also plans to use a cross-functional team to review its system. The data collector said that it waited until it was comfortable the vulnerability had been resolved before notifying users.

“We launched this communication as soon as possible after feeling comfortable that our platform is now secure,” the statement continued.

In closing, the company said, “We would like to assure you that we take Data Security and Data Privacy very seriously, and we are doing everything we can to take actions that will rebuild the trust you placed in us.”

Be Sure To Check Out: Incident Of The Week: U.K. Telecom Retail Breach Exposes 5.9M Records