While fiddling around within the Gainsight Weekly Usage Highlights I’ve discovered that it’s quite easy to manipulate the filters to see emails of what only can be explained as all users of Gainsight from all customers. Not contacts and not just our end-users. Literally anyone who has ever touched Gainsight...
Thank you again for flagging this
+13While fiddling around within the Gainsight Weekly Usage Highlights I’ve discovered that it’s quite easy to manipulate the filters to see emails of what only can be explained as all users of Gainsight from all customers. Not contacts and not just our end-users. Literally anyone who has ever touched Gainsight...
Needs fixing ASAP.
+5Hi, thank you for flagging! We’re looking into it and will follow-up asap.
+9Oh my… I liked but you know, I don’t actually like this 😱
+5Thank you again for flagging this
+13Follow to get an update on the fix. Massive privacy concerns here.
+5Hi everyone, following the completion of our internal investigation, we wanted to share an additional follow-up here. As mentioned earlier, contacts from Gainsight customer instances were not exposed. Some contacts from Gainsight’s own instance of CS were visible through the email field's equal filter in the 'Feature Usage' report. Based on our internal logs before we rolled out the fix, a total of 115 requests of the API were made, all by two users from the same company that reported the issue to us. Following the fix that we deployed on Thursday we are immediately taking further steps to prevent this from happening again in the future.
If you ever had a profile with us, there's no need to create another one.
Don't worry if your email address has since changed, or you can't remember your login, just let us know at community@gainsight.com and we'll help you get started from where you left.
Else, please continue with the registration below.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
