DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

E-on discloses breach that began in 2013

Posted on January 25, 2018 by Dissent

A customer who received this notification via e-mail sent it along to DataBreaches.net. The firm has publicly acknowledged a problem on their Twitter page:


Statement on the Cyber-Attack at e-on

January 25, 2018

Dear Community of e-on Users —

Safeguarding your personal and financial information is one of our top priorities. In late November 2017, we learned that e-on was the target of an external cyber-attack. Immediately upon learning of the attack, we made every effort to close the security vulnerability. In addition, we engaged one of the world’s leading cybersecurity companies to evaluate our systems and to identify remediation solutions. We shut down the main server on December 19, 2017 after conducting internal security tests on the live production server to thoroughly mitigate the security vulnerability.

What we know—

We have discovered these criminals may have gained unauthorized access to e-on’s servers, for a period of time, dating back to June 2013. Some of the information contained on the affected servers includes names, addresses, email addresses, phone numbers, order and transaction information, membership information, subscription and maintenance plan information, public forum posts, technical support requests, software license information, and activation information. Based on what we know now, there is no evidence that login passwords and sensitive financial information including banking information and credit or debit card information were compromised as this data was protected by encryption and hashing.

What we are doing in the short term—

As many of you know, Bentley Systems, a leading global provider of comprehensive software solutions for advancing infrastructure, acquired e-on in 2015. E-on has been and continues to be, a leader in the creation, simulation, and integration of natural 3D environments.

Bentley takes the privacy of its users to be of the utmost concern, and we are working hard to minimize the disruption to e-on’s users. We are doing everything in our power to make e-on’s systems and security processes more secure. We have set up a temporary website to handle all requests for software activation, software downloads, purchases, technical support, and other requests. During our main server outage, it is necessary that these requests be processed manually by e-on’s software team. We will process all requests as quickly as possible, and in most cases, within 24 to 48 hours upon receipt. Unfortunately, we will not be able to provide the 24/7 support that had been available on our self-service website, and requests will temporarily be processed during our home office business hours, 9:00am to 5:00pm (UTC +1:00). We greatly apologize for this inconvenience while we implement new security software tools and procedures, along with a new server infrastructure to safeguard e-on’s website.

What we are doing in the coming months—

We will need to rebuild the e-on e-commerce website and the Cornucopia3D website “from the ground up.” While this will take time, we will re-introduce online services as they are available, and their security has been thoroughly tested. We anticipate that the Cornucopia3D content store will be the last online service to be restored due to its technical complexity. However, we are exploring ways to allow our users to re-download content they have already purchased, and will provide updates on that process as we know more.

The e-on software team and Bentley greatly regrets the inconvenience this data breach may have caused our users. We are committed to do all we can to ensure that all your future experiences with e-on will include the confidence that your data and your personal information is secure. We have a motto at e-on: “Our team is there for you,” and we will work tirelessly to live up to those words and regain your trust.

We will continue to provide updates as we learn more and will keep you posted as services become available.

Regards,

The e-on Software Team

Category: Business SectorHack

Post navigation

← Medical practice turns away patients due to Allscripts incident
Email gaffe by Coventry University staff exposed 1,930 students’ details →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.
  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.