Kindly experienced a notice incident on August 27, 2025, lasting —. The incident has been resolved; the full update timeline is below.
Update timeline
- resolved Aug 27, 2025, 02:47 PM UTC
An employee’s laptop was inadvertently connected directly to their home internet service, bypassing a router/firewall and exposing network ports to the public internet. Automated bots scanning the internet identified an exposed service running inside a Docker container and exploited a vulnerability to deploy a cryptominer within that container. The container held some chatbot configuration files only; it did not contain sensitive or personal data. Our investigation to date shows no evidence of data leakage or any other breach beyond the cryptominer. We are reinforcing endpoint and network configuration requirements to prevent recurrence.