Re: [exim] just been hacked, could be CVE-2019-10149?

Top Page
Delete this message
Reply to this message
Author: Jan Ingvoldstad
Date:  
To: exim users
Subject: Re: [exim] just been hacked, could be CVE-2019-10149?
On Wed, Jun 19, 2019 at 1:26 PM Calum Mackay via Exim-users <
exim-users@???> wrote:


> Luckily, it looks like the trojans did nothing more than repeated
> attempts to open up my ssh server to root logins, which I think (and
> hope) didn't actually work, so I may have been lucky, and the damage
> isn't widespread.
>
>
> ought I to be reporting this anywhere?
>
>

As this puts the metadata and content of emails transmitted through your
server at risk, as well as any authenticated user/customer login details
(passwords, too), if you are operating within the EEA, you are bound by the
GDPR and probably have a duty to alert any affected and potentially
affected users/customers about the breach and what kind of data is astray,
etc.
--
Jan