In a significant development, customer conversation with Entrackr, platform Exotel has faced a data breach leading to potential exposure of its client details. Sources aware of the development said the breach was reported on Friday, and its impact spanned across leading firms, including financial institutions. Exotel, which offers cloud-based voice and SMS contact center capabilities, has operations in India, the UAE, Indonesia, Africa, and the United States.
PC: Exotel
Details on the Breach
The breach resulted in unauthorized access to one of the company’s cloud infrastructure stamps based in Singapore. A company spokeswoman said that it had promptly controlled the incident. The company further claimed that sensitive personal or financial data had not been compromised. The breach seems to have affected only a few users, as most of Exotel’s customers reported that the hack did not impact them. The affected customers have been messaged and informed, down to every little detail, along with recommendations on what can ideally be carried out to minimize future risks.
Inadvertent Disclosure of Data
Exotel stores all its client calls, recordings and SMS on cloud. As per sources, AWS private keys were stolen from a developer leading to hacking of the database and source code. High-profile clients like Zomato and Khatabook was reported to have found them on the receiving end. But Exotel clarified none of the stored call recordings or SMS had been accessed or affected as a result of this incident.
Responses from clients
Zomato acknowledged the breach and reassured that their merchant as well as customer data is fully secure without any leak of sensitive information related to payment. Their teams are working closely with Exotel to get more details about the investigation, which is on the way. Entrackr has written to Khatabook to confirm.
Company’s Financials and Competitive Landscape
Steadview Capital and A91 Partners-backed Exotel reported collections of Rs 420 crore, a rise of 32.1%, while its losses rose 2.5 times to Rs 109 crore. The company is yet to file its annual report for FY24, for which it is projecting 50% revenue growth. Exotel is a competitor to the likes of Knowlarity and MyOperator, besides firms like Ozonotel and Tata Communications. Incidentally, Knowlarity was acquired by the conversational messaging unicorn Gupshup in a $100-million deal in February 2022.
The data leak at Exotel is but a vindication of the relevance of exercise in strong cybersecurity, with the protection of client information. This breach being contained quickly and reassured to clients is a lesson emphasizing the need for a revamp on security protocols periodically and constantly fine-tuning them. The transparent communication and quickly provided response from Exotel are very important measures to minimize the consequences and maintain the trust of their clients. And we continue with the investigations with the committed view to provide security and integrity in the services of the company, reaffirming our position in the competitive landscape of customer conversation platforms.