Vertecto Services, LLC, a provider neutral transaction services to route buyers and sellers in the wholesale telecom industry, recently experienced a security breach, which the company reported was isolated to a single account. Vertecto reported that while the breach didn’t directly affect its long-term business operations or expose its clients to risk, it did have an impact on the company's business operations for a short time…just long enough for social media rumors to fly.
Today the company released an FAQ on the matter. See below for full details.
FAQ:
Was Vertecto hacked?
Vertecto experienced a security breach. It was a sophisticated hack of a single member account.
How did you fix it?
We detected the issue quickly, limited access to the system and suspended the affected accounts. The system was put back on line and operating normally within a couple of hours. We then employed a systematic approach to dealing with the suspended accounts. This systematic approach included identifying those projects that were not directly linked to the hacked account, reviewing the transactions in those projects and reviewing the accounts of the members involved in those projects. We then obtained and reviewed CDRs and other records related to the affected projects. This process allowed us to quickly release most suspended projects from all limitations.
Who was affected?
While the vast majority of our over 750 customers were not affected and continued to conduct business as usual, the breach did cause some delays in the processing of a few account transactions. This was largely due to the account auditing process put in place to guarantee the issue was isolated and dealt with safely and quickly.
How were they affected?
The effected account had transactions in which some payments were delayed.
What was the issue resolution process?
We employed a systematic approach to dealing with the suspended accounts. This systematic approach included identifying those projects that were not directly linked to the hacked account, reviewing the transactions in those projects and reviewing the accounts of the members involved in those projects. We then obtained and reviewed CDRs and other records related to the affected projects.
This process allowed us to release most suspended projects from all limitations. It took approximately one week to audit most of the accounts that were not directly linked to the hacked account. We then moved to process funding and payments.
After we released the majority of affected Projects that were conducted on Vertecto, we were able to start finding, examining and resolving those transactions that were related to the affected projects, but were not conducted on Vertecto, such as where minutes in a Vertecto Project were terminated on carriers in transactions outside of Vertecto.
For questions contact Vertecto at exec@vertecto.com
