On Sunday, July 28th, 2013 at 9:05pm CST it was brought to our attention that a un-authorized disclosure vulnerability existed in our database cluster. By 9:25pm CST our team rolled out a fix to prevent this disclosure. Our team strives to immediately identify and resolve any security vulnerabilities.
The specific issue allowed an existing ZippyKid customer to view the contents of another customer database in MySQL. This database was mistakenly used by our technicians in the process of troubleshooting customer issues.
It is important to note that no sensitive data was stored in an unencrypted form in the database that was mistakenly made available. However, we have advised the customers impacted of any steps they may need to take.
Our teams are constantly working and monitoring our systems for potential security issues. However, if you do discover an issue, we appreciate the responsible disclosure of these issues to security@zippykid.com.
If you have any questions, please feel free to contact the support team at help@zippykid.com. Thanks for your continued support.