We have been made aware that our customer service software, Zendesk, has been targeted in a series of large volume Phishing attacks. This works by sending in mass support requests under emails they’re aiming to scrape info from, and attempting to find vulnerability in our auto-responder that lets you know we've received your ticket. These confirmation emails will appear to be coming from the Roll20 support email address to those affected, but only contain the confirmation of a request being received. We adhere to strict precautionary protocol on our auto-responders to not include any links nor-include the body of the original submitted ticket so that it cannot be used to pose as Roll20 and direct users to suspicious webpages or actions. Because of that, these attacks have been completely futile. At the present, we have still disabled our auto-responder in order to limit possible confusion. The emails used in this attack did not originate from Roll20 or our database and your information on Roll20 was not compromised. Most of the emails we’ve received do not have Roll20 accounts associated with them, and we’ve seen reports of other businesses like Tinder and NordVPN dealing with the same ineffective barrage fire. (Holy 100s of support requests per minute!) This attack has inundated our support queue, and the team is working to filter these messages so that normal support operations can continue. However, due to our auto-responder being disabled, you will not receive immediate confirmation of your request successfully being submitted. To repeat: There has been absolutely no risk or compromise to your data, we may just be a bit delayed in getting back to you! Some of you may have gotten an email from us saying “Thank you for the ticket,” which you are welcome to ignore. We’ve confirmed that Zendesk’s Security Team is actively investigating this incident, and we’ll link their report on the matter whenever they publish it. Thanks for your understanding, we just wanted to drop a quick line to keep you all up to date! Update: Our auto-responder has been re-enabled, and you can see Zendesk's information on this series of attacks here.
