UserVoice

UserVoice, operating as UserVoice Inc., provides product management and customer support tools designed to assist businesses in gathering and analyzing user feedback. The company serves approximately 10,000 business customers, enabling them to prioritize product features and enhance customer service interactions. Its core offerings facilitate direct communication channels between businesses and their users, aiming to improve product development cycles and support resolution efficiency. The platform functions as a centralized hub for collecting suggestions, managing support tickets, and analyzing user sentiment to inform strategic decisions.

Headquartered in the United States of America, UserVoice experienced a significant cybersecurity incident on April 1, 2016. A cyberattack compromised its backend administrative system, leading to unauthorized access to sensitive data within a small subset of administrator and contributor accounts. The breach exposed customer names, associated email addresses, and weakly encrypted passwords. These passwords were hashed using the vulnerable SHA1 algorithm alongside corresponding salt strings, though no financial information was accessed during the incident. In response, UserVoice mandated a precautionary password reset for all users despite the limited number of accounts directly impacted, highlighting the compromised security of the stored password data as a notable operational vulnerability. This event underscores the risks associated with outdated cryptographic practices in protecting user credentials.