Brillium experienced a notice incident on December 21, 2021 affecting API and User Administration and Authentication and 1 more component, lasting 20d 9h. The incident has been resolved; the full update timeline is below.
Affected components
Update timeline
- monitoring Dec 21, 2021, 11:47 AM UTC
Brillium is aware of the recently disclosed security issue affecting the open-source Apache "Log4j2" utility. We are actively monitoring this issue, and are working on addressing it for any Brillium services which use Log4j2. At the moment, we have identified no use of Log4j2 within our direct platform nor have we identified any vulnerabilities but will continue to monitor. Should you have any question regarding Log4j2, please do not hesitate to contact us as [email protected].
- resolved Jan 10, 2022, 09:40 PM UTC
This incident has been resolved.
- postmortem Jan 12, 2022, 03:00 PM UTC
After conducting a thorough review, we have confirmed and verified that Log4J is not implemented as part of Brillium’s software application services.