We apologize for any stress your teams may have felt during this period.
We continue to focus on the safety and security of your business operations.
Marketron recently experienced a cyber event.
We apologize for any stress your teams may have felt during this period.
- Marketron REV
- Marketron NXT
- Marketron Traffic
- Visual Traffic Cloud
- Visual Traffic (on-premise)
- Production Hub
- Traffic Portal
- Advertiser Portal
- Proof of Performance
- Electronic Invoices
(report any delivery failures to support)
- Electronic Orders
(known issue with Tapscan orders)
- Network Connect
- Email Marketing
- Mobile Messaging
- Marketron Learning Center
As you know, Marketron discovered suspicious activity that temporarily impacted certain business operations. We apologize for the stress this incident may have caused you and your team.
Through our investigation, we confirmed this was a sophisticated ransomware attack limited to specific parts of our network. Unfortunately, incidents of this magnitude and complexity are becoming common. Previous investments in technology, a strong business continuity plan, dedicated employees and support from industry-leading cybersecurity firms allowed us to recover in a way that most organizations do not. Through our preparedness and swift response efforts, we began restoring service for customers 48 hours after the incident, with all traffic services and data restored within a week.
Steps Taken to Respond, Restore and Recover
Immediately following the discovery of the attack, Marketron partnered with industry-leading forensic investigators and cybersecurity firms. These partners provided strategic, experienced guidance and the resources to run multiple workstreams around prevention, detection, restoration and forensics.
To ensure the safety and security of operations, an entirely new network environment was built from the ground up. Investments here included new hardware, network infrastructure and software tools. Recovering by building an entirely new environment is not the fastest method; however, it is a gold standard in recovery from a security perspective. Given the nature of the incident, we believe it to be the most prudent method. Had a natural disaster or other incident occurred, our approach to recovery would have been different, with little to no impact on customers.
Prior to being brought back online, our technology partners ran the software through extensive security checks to confirm the safety of the platform. Before being restored, customer data was taken offline, thoroughly scanned and then restored into the new environment.
We are running extensive scanning within the platform, on all devices and internet traffic. Additionally, with the assistance of our third-party specialists, a state-of-the-art endpoint detection and response tool was deployed to the environment. This system is monitored continuously by security professionals.
The Security of Your Technology and Payment Data
This cyber incident was isolated to Marketron’s production network, which is separate from our corporate communication systems and tools. We have no reason to believe that there was any risk from our emails, website and other internal tools.
Because the incident is isolated to Marketron’s network, which is segregated from our customers’ technology infrastructure, there is no evidence of impact to our customers’ technology. Given the increase in these types of attacks, all businesses should consider the safety and security of their technology infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure. Their website provides cybersecurity resources and best practices for businesses, government agencies and other organizations: https://www.cisa.gov/cybersecurity.
Credit card information shared via PayNow and Payments was not involved in this issue. The form that gathers the credit card information is from a third-party credit card processor, and no credit card data is collected on the Marketron network or stored in the Marketron system. Likewise, the payment information you provide to Marketron for service is also handled in this manner and not stored in our systems.
As mentioned above, we have already implemented changes to our technology systems. We are running extensive scanning within the platform, on all devices and internet traffic, as well as a state-of-the-art endpoint detection and response tool that is monitored around the clock. We have expanded other tooling, hardware and physical infrastructure and have implemented new policies, procedures and reviews.
Media coverage tells us that even the largest, most sophisticated organizations are not immune to cyberattacks. While we have recovered quicker than most, we recognize that for any company, there will always be room to get better and be better. With continued support from industry-leading cybersecurity firms, we will continue to devote significant resources to ensuring our systems are protected.
Over the next few weeks, we will complete the process of planning additional investments and will move forward quickly to implement and capitalize on those measures.
We would like to be able to provide the reassurance that comes with specifics about these security measures as well as additional details on the event; however, as a key principle for maintaining the integrity of our security measures and the configuration of our network infrastructure, as well as that of other organizations with similar infrastructures, we cannot share such details. We appreciate your understanding.
With assistance of our third-party remediation and restoration specialists and forensic investigators, we prepared an entirely new environment. Prior to being brought back online, our technology partners ran the software through extensive security checks to confirm the safety of the platform. We are running extensive scanning within the platform, on all devices, and internet traffic. Additionally, with the assistance of our third-party specialists, a state-of-the-art end point detection and response tool has been deployed to the environment, which is continuously monitored around the clock by security professionals.
Please ask your IT department to whitelist our domain to ensure emails are not being blocked. Check your spam filters for communication from Marketron that may have been sent prior to this action. When your service has been restored, Marketron will send an email from firstname.lastname@example.org or email@example.com containing your new log in instructions.
Please follow the steps on this page for reconciliation:
The statement at the link below is available to help you answer questions you may be receiving from your advertisers. We will provide you with additional information to share with your advertisers when it is available.
We have updated our Network Connect partners on the status of the situation. We recommend you reach out directly to your network providers to discuss their recommendations on processing this week's orders.
How do I know that the emails that I’m receiving from Marketron are safe? How do I know that the website is safe?
This cyber incident is isolated to Marketron’s production network, which is separate from our corporate communication systems and tools. At this time, we have no reason to believe that there is any risk from our emails, website and other internal tools.
If you have concerns about the legitimacy of an email, please contact our support team for verification. You can reach our status page by visiting our website homepage and navigating from there. As always, please consult with your own IT department as to any steps that may be taken to best protect your own systems.
We are working with third-party forensic investigators to understand the full nature and scope of the event, determine root cause, and to ensure the integrity, safety, and security of our systems and data. We are unable to confirm the root cause of the event at this time and this investigation is very much on-going.
We want to assure you that the integrity, safety, and security of our systems and the information held in our care is our highest priority. With the assistance of third-party specialists, we are working diligently to identify the full nature and scope of the event including what, if any, impact there may be to customer data. We continue to investigate and we will provide additional information as it becomes available.
This cyber incident is isolated to Marektron’s network, which is segregated from our customers’ technology infrastructure. While we understand many customers are experiencing interruptions in the services we provide as a result of this event, at this time, we do not have evidence of impact to our customers’ own technology infrastructure. Please consult with your own IT department as to any steps that may be taken to best protect your own systems.
Advertising Portal is now available to your advertisers. Out of an abundance of caution, Marketron is requiring all Advertising Portal users to reset their passwords for the portal. Please be advised that the next time they log in to Advertiser Portal they will be prompted to change their password.
Credit card information shared via PayNow is not involved in the current issue. The form that gathers the credit card information is from a third-party credit card processor and no credit card data is collected on the Marketron network or stored in the Marketron system. Likewise, the payment information you provide to Marketron for service is handled in a similar the manner and not stored in our systems.
We will continue to send regular communication via email about the status of restoring service. Our support team can be reached via standard methods but please know they are fielding a tremendous number of inquiries.
Toll-free: (888) 239-8878