UPDATE [Tue, 14 May 2024 01:16:00 UTC] -  Following a thorough investigation, Zscaler concluded there is no impact or compromise to our customer, production and corporate environments. The impact was limited to an isolated single server test environment (without customer data) not hosted on Zscaler infrastructure. The independent third-party IR investigation, which conducted forensic analysis of the incident, is also complete, and the third-party findings are consistent with those of Zscaler.

This incident is resolved. Please contact Zscaler Support if you have additional questions.

UPDATE [Fri, 10 May 2024 03:40:00 UTC] - Zscaler reiterates there is no impact or compromise to our customer, production and corporate environments. Zscaler and the independent third party incident response firm continue to work on forensics analysis of the quarantined test environment.

We continue to monitor the situation and will provide additional updates through the completion of the investigation.

UPDATE [Thu, 09 May 2024 05:56:00 UTC] - Zscaler continues to investigate and reiterates there is no impact or compromise to our customer, production and corporate environments. During the afternoon of May 8, we engaged a reputable incident response firm that initiated an independent investigation. We continue to monitor the situation and will provide additional updates through the completion of the investigation.

UPDATE [Wed, 08 May 2024 11:09:00 PM UTC] - Zscaler can confirm there is no impact or compromise to its customer, production and corporate environments. 

Our investigation discovered an isolated test environment on a single server (without any customer data) which was exposed to the internet. The test environment was not hosted on Zscaler infrastructure and had no connectivity to Zscaler’s environments. The test environment was taken offline for forensic analysis. 

UPDATE [Wed, 08 May 2024 07:18:00 PM UTC]- Zscaler’s priority is our customer and production environment and we have not discovered any evidence of incident or compromise to these environments. We are continuing our investigation and closely monitoring the situation.

[Wed, 08 May 2024 05:20:00 PM UTC]

Zscaler is aware of a public X (formerly known as Twitter) post by a threat actor claiming to have potentially obtained unauthorized information from a cybersecurity company. There is an ongoing investigation we initiated immediately after learning about the claims. We take every potential threat and claim very seriously and will continue our rigorous investigation.

We will continue to investigate, monitor the situation and provide an update.