A Look at Recent Security Incident and Next Steps

A Look at Recent Security Incident and Next Steps

CMG Development Announcements, News

We want you to be aware of an incident involving Label Engine account access yesterday. While our investigation concluded that the incident affected a very limited number of users, we want to ensure you have the right information and tools to keep your account secure.

What happened?

Yesterday, we discovered suspicious activity in a number of user accounts. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of user accounts. Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution we are requiring all Label Engine accounts to have their password reset. Rest assured that credit card and other payment data are not stored on our servers at all and were not vulnerable in this incident.

What we’re doing

We’ve already addressed the method that this third-party employed to gain access to the system, and we’re doing additional reviews to ensure that the security of all of our systems is further hardened to prevent future incursions. While the account passwords were secured in accordance with best practices, we’re requiring all Label Engine users to reset their password.

What you can do?

Long story short, we are sending reset passwords email to all users to set new passwords. Once you get the email, please follow the instructions highlighted in it.

Please make sure that you have access to your email in order to reset your password and regain access to your Label Engine account.

Due to a spike in activity, it may take up to 12 hours for your password reset email to be received. We apologize for this inconvenience.

We’d also like to remind you that no one at Label Engine will ever reach out to you to ask for a password or credit card number over email. 

Lastly, we apologize to you for any inconvenience this situation may cause. We take pride in our security system and want to assure you that we are doing everything we can to swiftly remedy this incident and prevent future incidents from occurring. We are all too aware that third-parties will continue to attempt to infiltrate IT infrastructures around the world, and rest assured we at Label Engine will never be complacent in hardening our security and defenses.

Thank you,

The Create Music Group & Label Engine Security Team