On Friday morning, December 10, 2021, we learned of a zero-day exploit, CVE-2021-44228 Log4Shell: RCE 0-day Exploit, and initiated our incident response and vulnerability management process.
After thorough assessments, we have determined that the Latitude systems were not vulnerable to the exploit. We are still investigating third party vendors and continuously monitoring the situation as it evolves, and more information is found out about everything that Log4J touches.
We will continue to patch our systems as in best practices and monitor for potential compromises as the event is still globally happening.
To date, no impact to customer data or services have been identified. If we discover actual impact on our systems, any impacted organizations will be notified per our incident response process.
Please reach out to us with any questions.
|