Please be informed that on August 20, 2018, ABBYY USA received a vague message from an independent security researcher who had found an open instance of MongoDB containing scanned documents related to an ABBYY platform. After we confirmed that this database was part of one of our services – ABBYY Text Analytics for Contracts – we immediately locked external access to the database and started an investigation.
ABBYY has conducted a full security review of its infrastructure and procedures. The investigation into this incident has shown that due to a misconfiguration of a database commercial documents for one customer were exposed for a limited period of time. With a high degree of confidence we can say that no data loss occurred during this period.
Our investigation has equally shown that this is a one-off incident and doesn’t compromise any other services, products or clients of the company. Only one customer was affected by this incident. We are working closely with the affected customer.
There is no relationship or impact to any of our global cloud offerings such as ocrsdk.com or FlexiCapture.com. Additionally, there is no impact to any FlexiCapture or FineReader solution sold or promoted by ABBYY.
Security and privacy are paramount to us. That is why ABBYY is taking all possible measures to prevent such incidents from happening in the future.
For any additional information please contact ABBYY PR Team.