[treymarkel]

DailyFunder Community,

I have always maintained transparency in all my posts about Centrex Software and our service to the alternative corporate finance community. We are dedicated advocates of the entire corporate finance space and operate our business with the utmost integrity. We deeply value our relationships with each of our clients, vendors, and partners.

We want you to hear from us directly before any false rumors or claims circulate within the industry. On May 21, 2024, Centrex Software became aware of a vulnerability within our service provider's system that was exploited by an unidentified, unauthorized party, potentially allowing access to client documents stored in our service provider's systems. We immediately worked with our service provider as they launched their incident response protocol to investigate the incident’s details, including to identify the responsible party, confirm the root cause, and verify the type of data that may be involved. They were able to successfully resolve the vulnerability by 5:45pm CST on May 21, 2024.

Currently, our team is focused on a comprehensive analysis to ensure we understand the full scope and nature of the incident. This analysis is augmented by external cybersecurity specialists at Kroll, SureFire Cyber, and our outside counsel. The FBI has been notified of this incident and we are making progress in determining who may be responsible for these actions. We fully intend to prosecute those involved in this egregious act.

While the immediate security concern has been addressed, we are taking steps to prevent future occurrences. We will share additional information as it becomes available, including any updates from law enforcement, and we will provide guidance on our customer and consumer notification process once our investigation is complete.

We will update the following FAQ with new information as it becomes available.

What was the issue identified?
We identified that code in a legacy client portal exposed a vulnerability in which an unauthorized third-party exploited client documents. It was discovered and patched on May 21, 2024. We are working closely with our cybersecurity specialists to confirm these details.

Why am I just being notified now on June 3rd 2024?
Our service provider's incident response protocol is a strict process and takes time to make sure Centrex Software customers are aware of the facts.

Was this ransomware?
No, this is not a ransomware incident.

Who is your service provider?
Set Forth, Inc. (“Forth”) provides the intellectual property and maintenance services for the Centrex Software platform. We are working closely with them to investigate this incident.

How did Centrex respond?
We engaged legal counsel and cyber forensics quickly upon discovery in accordance with our policies. We preserved all available logs for analysis, as well as requesting logs from our third-party providers.

What information was involved?
Our investigation into the incident remains ongoing. Once the investigation is complete, and if our review determines any customer or personal information is involved, we will notify the appropriate parties in accordance with our legal obligations and state and Federal law. We understand the importance of this information and will ensure that this process is carried out as quickly and efficiently as possible.

Who can we contact if we have more questions?
All questions concerning the incident should be submitted to incidents@centrexsoftware.com. We will respond to each question as soon as we can and appreciate your patience and understanding through this process.

We work hard every day to provide our clients a secure, reliable system, and to operate our business with the utmost integrity and transparency. We welcome any questions or comments you may have, and we remain committed to delivering on our promises to you.

Kind Regards,

Trey Markel
VP Sales & Marketing
(888) 622-5810
www.CentrexSoftware.com

[Yankeeman07]

Thank you for the info

You are not alone - https://www.foxnews.com/tech/android...teal-your-data

[mcaconsultant]

I appreciate the transparency and accountability. I've used Centrex Software for over 7 years and have seen the dedication that the team puts into both their tech's security as well as the integrity of the Centrex team to know that my data is always safe. The largest tech companies in the world have data breaches. It's been refreshing to see how the Centrex team has prioritized making sure that the vulnerability was fixed as quickly as possible and for taking such accountability.

[mca2150]

The amount of voided checks and SSNs on Centrex means this incident could be catastrophic. When do we get more information on what was stolen and who was involved? (yes I'm a Centrex user).

[DailyCloser]

Wow this is some serious stuff. First time Centrex is openly admitting a data leak.. For years people have been speculating this.

I wonder if this was a rogue employee that was selling leads to brokers? Makes you wonder. Hopefully they're able to resolve this and never have issues like this in the future. A lot of data being stored on Centrex.

Do we have any more updates?

[diditevenfund]

Curious if it will be made available who was impacted (funders names etc). This would in theory be relevant to all brokers as we may have had our files accessed where we fund our deals. Curious to hear updates, this seems rather serious.

[Zach]

I’ve worked with centrex for many years and never had any issues whatsoever. Target had a data breach and I still shop there. Experian had a data breach and I still use their services.

Every software has had **** happen — just chill out and keep funding.

[diditevenfund]

I’ve worked with centrex for many years and never had any issues whatsoever. Target had a data breach and I still shop there. Experian had a data breach and I still use their services.

Every software has had **** happen — just chill out and keep funding.

Thanks for telling us to "chill out" about being concerned our deals could have been accessed.

Think its normal for people to have more questions here.

[zalman]

Thanks for telling us to "chill out" about being concerned our deals could have been accessed.

Think its normal for people to have more questions here.

There is probably a high likelihood that whoever perpetrated the hack has no idea what the value of the data is or where to sell it. Your best odds over here would be keep an eye out if you see this information surfacing as leads for sale.

If you feel like that's the case, you may consider sending out an email to your merchants notifying them about the breech and let them know to ignore all calls, emails etc.

This may be a bit tough as this is an industry that merchants already get a ton of calls and work with a ton of brokers...

[diditevenfund]

There is probably a high likelihood that whoever perpetrated the hack has no idea what the value of the data is or where to sell it. Your best odds over here would be keep an eye out if you see this information surfacing as leads for sale.

If you feel like that's the case, you may consider sending out an email to your merchants notifying them about the breech and let them know to ignore all calls, emails etc.

This may be a bit tough as this is an industry that merchants already get a ton of calls and work with a ton of brokers...

I agree with this.

[mca2150]

There is probably a high likelihood that whoever perpetrated the hack has no idea what the value of the data is or where to sell it. Your best odds over here would be keep an eye out if you see this information surfacing as leads for sale.

If you feel like that's the case, you may consider sending out an email to your merchants notifying them about the breech and let them know to ignore all calls, emails etc.

This may be a bit tough as this is an industry that merchants already get a ton of calls and work with a ton of brokers...

I think the risk is a lot worse than having your deals being sold as leads. The risk is that the "hacker" now has the ability to steal these merchant's identities, and possibly directly steal funds using the information they just accessed. I agree that people should look out for fraudulent leads and calls, but also keep an eye out for an increase in frozen accounts in the future as a result of fraud.

Of course we still don't know who the perpetrator is or their intentions. Hopefully we'll get more info soon. Also, some of you may not care because you're a broker and don't have long term financial relationships with these merchants, but some of us have millions tied up in these businesses and in the Centrex system. A merchant doesn't know who or what Centrex is, they just know that the funder they used got hacked and are the ones responsible for their stolen identity.

[zalman]

I think the risk is a lot worse than having your deals being sold as leads. The risk is that the "hacker" now has the ability to steal these merchant's identities, and possibly directly steal funds using the information they just accessed. I agree that people should look out for fraudulent leads and calls, but also keep an eye out for an increase in frozen accounts in the future as a result of fraud.

Of course we still don't know who the perpetrator is or their intentions. Hopefully we'll get more info soon. Also, some of you may not care because you're a broker and don't have long term financial relationships with these merchants, but some of us have millions tied up in these businesses and in the Centrex system. A merchant doesn't know who or what Centrex is, they just know that the funder they used got hacked and are the ones responsible for their stolen identity.

Would it make sense to get ahead of it and send an email out to your merchants notifying them of the breach. I'm not a legal expert but there is a fair chance that there is a legal requirement to notify people if their data has been breached.

https://www.ncsl.org/technology-and-...0is%20breached.

Screenshot 2024-06-05 10.01.48 AM.png

[diditevenfund]

Would it make sense to get ahead of it and send an email out to your merchants notifying them of the breach. I'm not a legal expert but there is a fair chance that there is a legal requirement to notify people if their data has been breached.

https://www.ncsl.org/technology-and-...0is%20breached.

Screenshot 2024-06-05 10.01.48 AM.png

And how are people who do not use Centrex supposed to do this when nothing is disclosed on impacted parties?

[Yankeeman07]

And how are people who do not use Centrex supposed to do this when nothing is disclosed on impacted parties?

Read Centrex Post:

How did Centrex respond?
We engaged legal counsel and cyber forensics quickly upon discovery in accordance with our policies. We preserved all available logs for analysis, as well as requesting logs from our third-party providers.

What information was involved?
Our investigation into the incident remains ongoing. Once the investigation is complete, and if our review determines any customer or personal information is involved, we will notify the appropriate parties in accordance with our legal obligations and state and Federal law. We understand the importance of this information and will ensure that this process is carried out as quickly and efficiently as possible.

[Kevin Henry-Seacoast]

DailyFunder Community,

I have always maintained transparency in all my posts about Centrex Software and our service to the alternative corporate finance community. We are dedicated advocates of the entire corporate finance space and operate our business with the utmost integrity. We deeply value our relationships with each of our clients, vendors, and partners.

We want you to hear from us directly before any false rumors or claims circulate within the industry. On May 21, 2024, Centrex Software became aware of a vulnerability within our service provider's system that was exploited by an unidentified, unauthorized party, potentially allowing access to client documents stored in our service provider's systems. We immediately worked with our service provider as they launched their incident response protocol to investigate the incident’s details, including to identify the responsible party, confirm the root cause, and verify the type of data that may be involved. They were able to successfully resolve the vulnerability by 5:45pm CST on May 21, 2024.

Currently, our team is focused on a comprehensive analysis to ensure we understand the full scope and nature of the incident. This analysis is augmented by external cybersecurity specialists at Kroll, SureFire Cyber, and our outside counsel. The FBI has been notified of this incident and we are making progress in determining who may be responsible for these actions. We fully intend to prosecute those involved in this egregious act.

While the immediate security concern has been addressed, we are taking steps to prevent future occurrences. We will share additional information as it becomes available, including any updates from law enforcement, and we will provide guidance on our customer and consumer notification process once our investigation is complete.

We will update the following FAQ with new information as it becomes available.

What was the issue identified?
We identified that code in a legacy client portal exposed a vulnerability in which an unauthorized third-party exploited client documents. It was discovered and patched on May 21, 2024. We are working closely with our cybersecurity specialists to confirm these details.

Why am I just being notified now on June 3rd 2024?
Our service provider's incident response protocol is a strict process and takes time to make sure Centrex Software customers are aware of the facts.

Was this ransomware?
No, this is not a ransomware incident.

Who is your service provider?
Set Forth, Inc. (“Forth”) provides the intellectual property and maintenance services for the Centrex Software platform. We are working closely with them to investigate this incident.

How did Centrex respond?
We engaged legal counsel and cyber forensics quickly upon discovery in accordance with our policies. We preserved all available logs for analysis, as well as requesting logs from our third-party providers.

What information was involved?
Our investigation into the incident remains ongoing. Once the investigation is complete, and if our review determines any customer or personal information is involved, we will notify the appropriate parties in accordance with our legal obligations and state and Federal law. We understand the importance of this information and will ensure that this process is carried out as quickly and efficiently as possible.

Who can we contact if we have more questions?
All questions concerning the incident should be submitted to incidents@centrexsoftware.com. We will respond to each question as soon as we can and appreciate your patience and understanding through this process.

We work hard every day to provide our clients a secure, reliable system, and to operate our business with the utmost integrity and transparency. We welcome any questions or comments you may have, and we remain committed to delivering on our promises to you.

Kind Regards,

Trey Markel
VP Sales & Marketing
(888) 622-5810
www.CentrexSoftware.com

Hey Trey,

I know you are putting a host of fires out..... You stated your company contacted the FBI. Make sure you reach out to the United States Secret Service Cyber Crime Unit. There is probably a local field office near you. They can be VERY helpful!

[Yankeeman07]

No Industry is Immune from Attacks

https://ien.formstack.com/forms/indu...breach_podcast

[DailyCloser]

Do we have any updates here? A recent lawsuit was just filed of someone suing Centrex for backdooring data.

https://fintalknow.com/centrex_lawsuit

[Michael I]

Do we have any updates here? A recent lawsuit was just filed of someone suing Centrex for backdooring data.

https://fintalknow.com/centrex_lawsuit

i guess now we know why they did this post . to get ahead of it

[diditevenfund]

welp...

[treymarkel]

On June 3rd 2024, we announced to the community and to Centrex Software customers that our service provider had a vulnerability that was exploited by a criminal third party.

Since that time, an article and a lawsuit suggest that Centrex and its service provider are the source of this data incident, and that Centrex and its service provider participate in a common industry practice of “backdooring” or buying and selling customer data. Neither Centrex nor its service provider have evidence or reason to believe that the data was accessed and/or released by any person within its organizations. Nor does Centrex or its service provider ever buy or sell customer data or information in any way.

The two forensic cyber security firms that our service provider is working with are at the tail end of their investigation.

I would also recommend looking at the very next article on the homepage of fintalknow.com, as it clearly represents the true problem within the alternative corporate finance sector as it relates to data and document theft.

https://fintalknow.com/lead_source

Cheers,

Trey Markel
VP Sales and Marketing
(888) 622-5810
tmarkel@centrexsoftware.com
www.centrexsoftware.com

[diditevenfund]

Will be very interesting to see if some "well known" names in the MCA space are behind this. Wonder if anyone has beef with the plaintiff that also has a way to get access to things?

Following.

[mca2150]

The real interesting part is that the article doesn't just quote the lawsuit verbatim. They actually claim to have additional sources identifying the people directly involved in these transactions. This is the beginning of a potential criminal case if there's any truth to it.

[DailyCloser]

The real interesting part is that the article doesn't just quote the lawsuit verbatim. They actually claim to have additional sources identifying the people directly involved in these transactions. This is the beginning of a potential criminal case if there's any truth to it.

Yikes.. Maybe this is what we needed to stop all the backdooring thats been going on.

If Centrex wins this case, everyone owes them an apology. but until then get your popcorn ready

[treymarkel]

Just curious.....does anyone know who owns or runs the fintalknow.com website?

I consider myself a professional, seasoned marketer in the fintech space and I have never heard of this website until someone sent me the article on Centrex last week. I was never called or emailed for a comment or an interview which is standard practice when writing such articles.

Thoughts?

Cheers,

Trey Markel
VP Sales and Marketing
(888) 622-5810
tmarkel@centrexsoftware.com
www.centrexsoftware.com

[NeedmoreISOS]

This is an Unfortunate turn of events.