Cybercriminals are exploiting lax authentication protocols in Zendesk's customer support platform to send a deluge of spam emails from various corporate accounts, overwhelming targeted inboxes. Zendesk acknowledged the issue, stating that customers can configure their systems to allow anonymous ticket submissions, which can be manipulated for spam purposes. The company is investigating further security measures to prevent such abuse while recommending customers implement authenticated workflows for ticket creation.

5CA refutes claims that its third-party Zendesk platform was the source of a recent data breach affecting Discord, in which hackers accessed sensitive information of approximately 5.5 million users. The hacker group Scattered LAPSUS$ claimed responsibility for the breach, which exposed government IDs and other personal data. 5CA is conducting a forensic investigation to verify the incident's details and ensure data security.