The online survey company announced about Typeform data breach on June 29, 2018. But what happened? Also, who were the affected parties?
Read on to learn more.
What is Typeform?
Typeform is an online survey and form building company. They also conduct quizzes for companies.
Moreover, customers can make surveys, forms, and questionnaires using the platform. Since then, it has been a great help for organizations. So, they can reach audiences.
What happened in the Typeform data breach?
Many companies and businesses use Typeform. Also, they use it for customer service requests or feedback.
So, there is a big chance that it leaked data from these businesses. Also, if you are a customer of these businesses, you are a victim, too.
But, what caused the data breach?
An unknown third party accessed the server on June 27, 2018. Then, they downloaded certain information.
But how did this happen?
Attackers found security weaknesses in the company’s system. So, they got hold of data backups.
However, these backups were not encrypted. Hence, small and large clients experience privacy loss.
Monzo, Affected by the Typeform Data Breach
Still, companies who use the service announced the effect.
Let’s take Monzo for example. Monzo is a digital mobile bank. Moreover, it created surveys using Typeform.
Monzo also investigated the incident. So, they confirmed that it affected the information of about 20,000 people. This includes the following:
- name
- email addresses
- Twitter username
- postcode
- universities
- name of the old bank
- age band
- salary band
- employer
So, they notified their users about it. However, they clarified that their money is safe.
Affected Companies of the Typeform
Typeform makes millions of online forms every month. It includes forms from various companies and government agencies, such as:
- Apple
- Airbnb
- Uber
- Nike
- Trello
- HubSpot
- Indiegogo
- Forbes
- Freshdesk
- NewYork Radio
Moreover, Typeform did not specify the leaked details. But, they said that no payment or password details had been included.
Still, here is the complete list of companies included in the breach. We also listed the number of records leaked.
- 80,000 Hours – 8,300 records
- Airtasker
- Australian Republic Movement
- Baker’s Delight
- Birdseye
- Britain’s Liberal Democrats
- Carlton Football Club – 1,300 records
- Cocoon
- CyberGhost – 134 records
- DevResults
- Euromoney Institutional Investor PLC
- Fortnum & Mason – 23,000 records
- HackUPC –
- Hamilton City Council – 1,941 records
- Harvey Norman – 23,000 records
- Kano – 1,907 records
- Monzo – 23,406 records
- Ocean Protocol – 167 records
- PostShift – 230 records
- Rencore
- Revolut – 11,000
- Shavington-cum-Gresty Parish Council – 304 records
- Tasmanian Electoral Commission – 4,000 records
- Thriva
- Travelodge
- Waikato – 2,800 records
All in all, there are a total of 101,489 reported records that leaked.
What You Can Do
Typeform provided an apology email for businesses and individuals. So, what can you do?
For businesses, they advised the following:
- train employees about security policies
- practice regular backup of data
- identify weak spots of your systems
Also, for individuals, here are some things you can do:
- create strong passwords
- change passwords regularly
- monitor bank and credit accounts
- report any unwanted charges
- use two-factor authentication
- beware of phishing emails
