Information on the security of personal data in Sameday – update incident April 7, 2020

Incident details

Sameday is concerned about the security of the data relating to each shipment and applies adequate security and protection measures to protect the confidentiality of the data of all customers and recipients of the managed packages.

However, on April 7, 2020, the company was the target of a computer incident, and a fraction of the shipment data for the October-November 2019 period was illegally extracted by an unauthorized person outside the company, and posted on a forum (www.raidforums.com). We reacted quickly to identify the source of the problem, managing to fix it as soon as possible. At this time, the data whose privacy was affected, have been deleted.

As a result of this incident, the entire Sameday database was not compromised, but only a logbook with AWBs containing data of our customers used on mobile courier devices to deliver orders.

We apologize for the situation created. We want to ensure that, in addition to the existing protection measures,
we will invest significantly more resources to build stronger protection mechanisms against cyber attacks.
We are responsible and aware of the seriousness of the situation, and we assure you that we have made and continue
to make every possible effort to minimize the negative impact of the incident.
We are working with the competent authorities to identify the persons responsible and ensure that we learn from what
happened so that such situations do not recur.

Exposed Information 

The purpose of this incident was an AWB journal with shipments from the end of last year (October-November 2019), which contains data used for order delivery: AWB number and date, indicative of couriers, parcel weight, delivery time, sender / consignee name, address, telephone number, delivery status, type of service, amount receivable.

Very important: the confidentiality of the payment instruments, the account and the customer password has not been
compromised in any way. In fact, compared to the data listed above, no other data was exposed. Sameday does not store information regarding card numbers, accounts, transactions. Also, there were no data regarding
invoices, balances, tariffs belonging to the senders.

Easybox transactions Card payment at easybox is made through a secure communication channel of the partner bank, and the card details never reach Sameday.
These data were not affected by the security incident that occurred.

Affected users

The entire Sameday database was not compromised, but only a journal with references from the end of last year. The affected users have been notified individually. As such, to the extent that you were not contacted by Sameday, your data was not affected.

When did we find out about the incident? We found out about the incident on April 7, shortly after the time the data was posted on the forum.
We reacted quickly to identify the source of the problem, managing to fix it as soon as possible. At this time, the data whose privacy has been compromised have been deleted.

How did it happen?

We have notified the relevant authorities for investigating this extremely serious fact and in parallel, we are conducting an
internal investigation, involving both our team of specialists and an external specialized team.
We are working together with the bodies authorized in cyber crimes, notified by us, to find out and sanction those responsible for the created situation.

What were the immediate measures we took? The problem was identified and remedied on the same day that the data was made public illegally. As soon as we detected the incident, I took all possible measures to stop the situation. Data security and confidentiality are a priority for us, which is why we assure both the partners we work with and the recipients of the deliveries that the data whose privacy has been compromised have already been deleted. In addition, we have hired and involved a team specialized in cyber security incidents, we are working with this to strengthen security measures in order to prevent other possible exposures, even if this may mean for us a lower productivity of our information systems.

What should users of Sameday services do?

At this time, Sameday users should not take any individual action. Should users reset their password for the eAWB account?

The incident did not expose user type information, password, email address. However, we reiterate the importance of having strong passwords (with characters, numbers and signs), distinct for each individual account, as well as the need to change them periodically.

I have several questions regarding this incident. Who should I contact?

We are open to answer any questions or clarifications and you can write to us at data.protection@sameday.ro. You can also contact your sales consultant directly.