Software company Everbridge reports data breach

Everbridge, a provider of crisis management and public warning software solutions, is reporting corporate systems breach that exposed business and user data. Everbridge serves over 6,500 customers globally, including the U.S. Army, Hartsfield-Jackson Atlanta International Airport, and the governments of Norway and Australia.

The incident, detected on May 21, involved attackers accessing Everbridge's network using information gathered from a prior phishing attack targeting the company’s employees.

The breach did not involve ransomware, and Everbridge promptly notified law enforcement. The company is collaborating with incident response experts from Mandiant and Stroz Friedberg to evaluate the breach's severity and impact.

Exposed Data:

• Admin user contact information
• Limited other users' contact information
• Information about subscribed Everbridge services
• Enabled access methods

The number of affected individuals is not disclosed. Customers whose information was exposed are being informed.

To mitigate future risks, Everbridge is enforcing multi-factor authentication (MFA) for all accounts by June 3, 2024, and recommends enabling Single Sign-On (SSO) where possible.