Revel Systems incident

RA XT Users Received a Password Reset Email

Minor Resolved View vendor source →

Revel Systems experienced a minor incident on August 16, 2024 affecting Revel Advantage Merchant Portal, lasting 7h 4m. The incident has been resolved; the full update timeline is below.

Started
Aug 16, 2024, 03:30 PM UTC
Resolved
Aug 16, 2024, 10:35 PM UTC
Duration
7h 4m
Detected by Pingoru
Aug 16, 2024, 03:30 PM UTC

Affected components

Revel Advantage Merchant Portal

Update timeline

  1. investigating Aug 16, 2024, 03:30 PM UTC

    We received reports of portal users receiving unexpected password reset emails. Investigating why these were sent out.

  2. identified Aug 16, 2024, 05:10 PM UTC

    There were password reset attempts by malicious users. We are working to block the source. We have confirmed this is a bot request and no data has been compromised. In the meantime, if users receive an unexpected request to reset their password, please disregard.

  3. resolved Aug 16, 2024, 10:35 PM UTC

    As indicated earlier today, we received reports of RA XT portal users receiving unexpected password reset emails. You and your merchants should disregard the request to reset your password. We believe bad actors used publicly available information to send these requests. At this time, we have no evidence of account compromise and will communicate as appropriate if that were to change. Please know we have put additional security measures in place to help prevent this from recurring.