Global data-collection company Typeform recently revealed they have been the victim of a data breach. The stolen content, back-ups of recent data, contained sensitive personal information from different customers including mobile bank provider Monzo.

 

Sensitive data stolen

Typeform, a global data collection company focusing on forms and online surveys disclosed yesterday that they had been the victim of a data breach. An unknown attacker gained access to a server containing a backup of with sensitive customer data within.

The exact scope of the type of data lost is uncertain; Typeform as a company not only handles personal information but also payment details, which is done through Stripe integration or entered by customers on their webpage. However, the company has confirmed that no card details or other payment information existed within the stolen backup.

Details regarding exactly how the attackers found their way in have been scarce. The only information received from Typeform is that a vulnerability was exploited, which has now been patched. According to an official statement the breach was discovered two days earlier, with the affected server being secured less than an hour after the discovery. Emails have also been sent out to possibly affected users.

Typeform customers stepping forward

Mobile-only bank Monzo, a customer of Typeform, used their service to collect personal information and after analyzing the data has stated that “our initial investigations suggest that some personal data of about 20,000 people is likely to have been included in the breach”. A full report has been released by Monzo, which can be found here.