Attack and intrusion on SOTE servers

Due to the attack and intrusion on SOTE servers and the disclosure of an attempt to unlawfully, illegally access information covered by entrepreneur's secrecy, we were obliged to immediately initiate security procedures, which have been underway for several days. The matter has also been reported to GIODO and the Police.

Central Bureau for Combating Cybercrime and GIODO

Since the beginning, the incident has been monitored by the Police. The case is being handled by the Central Bureau for Combating Cybercrime (CBZC) of the Provincial Police Headquarters, specializing in cybercrime, in cooperation with international organizations. Such cybercrimes are taken very seriously by the Police, and no one can feel immune.

We never cooperate with criminals and always provide all information to the Police and relevant authorities.

In case of violations, please inform us so that we can report the matter to the Police and contribute new materials to the ongoing investigation.

The breach has also been reported to GIODO.

Store Update and Password Change

For several days, we have been informing customers and partners about the need to change passwords and update the store. We greatly appreciate your compliance with our recommendations and smooth cooperation. Please follow subsequent updates and update stores regularly.

Change Passwords in the Store

If anyone has not yet updated and changed passwords, please do so as soon as possible and inform us that the passwords have been changed (without disclosing the passwords).

Password change is required for:

• Store administrative panel (all admins, i.e., all users logging into the panel).
• Email account defined in the store's administrative panel in Mail Service (from which automatic emails from the store are sent) - you need to change the password for this email account and then enter the new password in the store panel in the Mail Service section.
• FTP account on the server where the store is located (on our servers, it is the same as the Direct Admin account).
• Database credentials used by the store.

Documentation: https://www.sote.pl/docs/password-changes

If the store is hosted on servers other than SOTE servers, changing FTP and database information may differ from the instructions above. In case of doubts, please contact the technical support of the server where the store is hosted.

We also remind you never to send store access data in plain text. If there is a need to provide them to us, for example, for technical assistance, encode the data first at https://soteshop.com/secure

Store Update

In addition to changing passwords, it is also necessary to update the store. This introduces automatic two-factor authentication, enhanced monitoring, and other security measures.

Store update documentation: Update
2FA documentation: Two-Factor Authentication in the Store

Summary

We inform that as part of the initiated security procedure and to prevent the commission of prohibited acts, we have notified not only the relevant authorities, Police, customers, partners, but also publicly provide information about the entire incident, as a transparency element of our actions and a determined fight against cybercrime.

Please take our request for update and password change very seriously, and in case of doubts or questions, please contact us.