We are happy to report that we have upgraded Ceros to use a new server with the updated log4j library. This means there are no remaining vulnerabilites for Ceros analytics and they are now back online. You should now be able to review the data collected while analytics was in maintenance mode and you will see analytics reported normally moving forward.
Should you have any questions about this upgrade, please email mailto:support@ceros.com.
Posted Dec 18, 2021 - 12:21 EST
Identified
In an effort to protect Ceros systems against the log4j vulnerability, we will be applying a patch to our analytics infrastructure. While we have not seen any evidence of Ceros systems being compromised, we are utilizing a sub-processor for Ceros analytics. As part of our remediation plans, we will be putting our analytics into maintenance mode while we work on releasing a patch to mitigate the vulnerability.
During this time, users will be able to access Ceros and no event data will be lost however, new data will not be seen in Ceros analytics until after the maintenance period has concluded and the log4j vulnerability has been resolved.
Please stay tuned to the status page for further updates as they become available and please feel free to email support@ceros.com should you have any questions.
Posted Dec 15, 2021 - 13:13 EST
This incident affected: Analytics (Displaying Visitor Metrics).