Regarding a security incident involving a third-party provider. No Hopin customer or user data was compromised.
Hopin is committed to the security of our platform and we believe that transparency is critical to building and maintaining trust. In that spirit, we want to share a security incident that affected one of our vendors.
CodeCov, a third-party provider of software code testing, experienced a breach in a widespread supply chain hack affecting many organizations, including Hopin, exposing them to an unknown third party. This incident was not the result of any Hopin security vulnerabilities.
Hopin immediately reset all credentials potentially exposed by the CodeCov breach and launched an urgent investigation. We found that no Hopin customer or user data had been compromised.
We also engaged a third-party cyber forensics team to confirm our findings. They found that while Hopin AWS credentials were potentially exposed by the CodeCov breach, the investigation did not find any evidence of malicious activity. They reinforced the recommendation to reset all credentials, which Hopin had already taken swift action on.
Hopin has a practice of routinely scanning for potential breaches and we are expanding this practice. We have also inventoried all third-party integrations in our supply chain to mitigate any future breach attempts.
If you have questions, please reach out to your account support representative. Your trust and safety, and the underlying security of our platform, are our highest priorities.