Recent Cybersecurity Incident Information Center

AvidXchange is investigating a cybersecurity incident that affected some of AvidXchange’s systems and data. As part of our ongoing response to this incident, we created this page to share information and updates with our customers.

Summary

Updated as of June 1, 2023

In early April 2023, AvidXchange detected a cybersecurity incident as part of our routine security monitoring protocols. In response to the incident, we launched an investigation with the support of leading cybersecurity experts, reached out to law enforcement, and have taken and will continue to take actions to implement additional safeguards.

The investigation, which is ongoing, has revealed that the incident affected some of AvidXchange’s systems and that data from these systems was taken. As part of our investigation, we have learned that threat actors published data taken from AvidXchange’s systems. This data includes some confidential information, including bank account numbers, from some of our customers. On May 31, a threat actor published additional data it claims are from AvidXchange’s systems. We are investigating those claims and if we determine that the published information includes confidential data, we will contact those affected directly.

Our solutions remain operational, and we continue to process customer transactions, including invoices and payments, through our systems. Our efforts to respond to the incident and to implement additional safeguards and enhance our security have resulted and may in the future result in temporary disruptions to certain features or products.

As a general matter, in these situations, security experts recommend that you remain vigilant against phishing attempts and only click on links that originate from a trusted sender or domain name.

We take this situation extremely seriously and we are working expeditiously to complete the investigation in collaboration with cybersecurity experts. Thank you for your patience as we work to resolve this issue.

Please contact [email protected] if you have additional questions.

FAQs

1. Was my company’s data impacted?

The forensic investigation is ongoing and will take time to complete. If we determine that the published information includes confidential data, we will contact those affected directly.

2. What steps are you taking to address the incident?

Security is a critical concern and priority for AvidXchange, and we are taking actions to implement additional safeguards. These safeguards include:

  • Resetting internal passwords company-wide (service accounts and teammate passwords).
  • Modifying firewall settings to further restrict inbound and outbound access to our environments.
  • Implementing additional logging and process restrictions.
  • Improving our Secure Endpoint Policy configuration.
  • Adding additional conditional access policies to ensure logins come from known, trusted sources.
  • Establishing separate, cloud-based user accounts to further limit and restrict the capabilities of privileged accounts.

Please know that we take this situation extremely seriously. We are working expeditiously to complete the investigation in collaboration with cybersecurity experts. We have invested heavily in security over the years, and we will continue to identify ways to further enhance our protocols and practices.

3. What additional security measures do I need to take?

We are contacting affected customers directly and providing them information about how they can protect themselves.

4. How can I stay informed?

We will continue to share updates on this page to keep customers and others updated on the situation.

Best Practices

In light of this incident, we are sharing best practices and resources that describe further steps you can take to help protect your information, including recommendations by the Federal Trade Commission regarding basic practices to reduce the risk of a cyber incident and details on how to keep your password secure.
