Trust Center
The world’s leading security teams rely on Tines to automate their mission-critical processes. They trust Tines to operate securely and to protect their data at all times. We take this trust seriously. Here you’ll find an overview of some of the measures we’ve implemented to ensure security and privacy are key tenets of our culture and are ingrained in how we operate day-to-day.
Subprocessors
Subprocessors
Klue
Tines is sharing an update with our customers regarding an incident involving Klue, a third-party software vendor that integrated with Tines' Salesforce environment. Tines was notified that it was among the organisations affected by this incident, which impacted Tines’ Salesforce instance and accessed the CRM data it holds.
We have found no evidence of unauthorized access to any other systems including the Tines platform and customer environments.
What happened
Tines was notified that a threat actor gained access to systems operated by Klue and used credentials associated with customer integrations to access Salesforce data across multiple organizations, including Tines. Salesforce has since suspended Klue's access, and we immediately initiated an investigation.
Our investigation found that Tines’ Salesforce environment was accessed as part of this incident. Information accessed included business and account contact information, opportunity information and commercial communications stored in Salesforce. This did not impact the Tines platform or customer environments.
What you should keep in mind
A risk arising from this incident is the potential use of this information in targeting phishing or social engineering attempts. We recommend that your team remains vigilant of unexpected communications referencing Tines.
For more information, our blog post details the up-to-date information on this incident and our response. It will be updated as and when we receive any new information.
Vercel Security Breach
We are aware of the recent Vercel security incident. Please note that we exclusively use Vercel to host our public-facing marketing site; our core application and customer environments are hosted separately and do not utilize Vercel.
Based on our investigation to date, we have found no evidence that our systems, our Vercel account, or customer data were affected. The environment variables we store in Vercel are strictly limited to marketing site operations and would not have provided access to Tines' customer data. Out of an abundance of caution, we nevertheless rotated all such variables.
We have also been in contact with Vercel's security team, who stated that they do not have reason to believe our account or data were compromised. We will continue to monitor the situation closely and will provide updates if anything changes.
ASOS
Canva
Coinbase
Cyera
Databricks
Dropbox
Elastic
Fenergo
Freetrade
GitLab
Hims
Intercom
KAYAK
Lucid
Mars
McKesson
MongoDB
MyFitnessPal
Navan
Notion
PathAI
Pinterest
Plaid
Reddit
Ripple
SAP
Sendbird
Snowflake
Sprinklr
Yates Construction
Zendesk®