We are writing to let you know that we recently discovered that some user data was compromised as a result of unauthorized access to our systems by a malicious third party. We are very sorry for any concern or inconvenience this may cause. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.
CWE-200 An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
CWE-264 Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.