The Joy of sharing............

[Buck Turgidson]

What has happened?


On or around 9 June 2023, Navico Group suffered an Incident. We promptly commenced an investigation into the Incident, and subsequently determined that an external threat actor had gained unauthorised access to certain IT systems including the C-MAP Apps’ database.
The following types of information about you may have been stored in the C-MAP Apps’ database, and it is possible that the unauthorised third party accessed this information:
• Basic personal information: Full name.
• Contact information: Address, email, previous emails.
• Vessel related information: Public places added, home harbour, boat Name/registration.
• Location data (not live location): waypoints, routes, and tracks – last access IP address.
• Preferences, user settings and analytics.
• App subscription type (premium/free).
• Encrypted (hashed and salted) passwords for a limited number of users who did not connect to the service over the last two years.


Steps taken by Navico Group to address the Incident


We have taken the following steps to address the Incident:
• as soon as the Incident was discovered, we restricted access to our systems and initiated an investigation into the cause of the suspicious activity;
• we engaged external advisors to assist in our investigation;
• as the extent of the Incident became known, we took all our internet-facing services offline;
• we have asked, and will ask some of our users to change their passwords upon opening their C-MAP App;
• we moved our C-MAP Apps data to a more secure server location, which we believe will provide even greater security;
• we applied additional security settings prior to reinstating those services; and
• we reported the Incident to Data Protection Authorities where required.

This never happened when we used pencils and paper charts....