Censornet issue impacts GravityZone Security for Email

A recent software update deployed by our technology partner, Censornet, introduced an update that, under certain conditions, caused unintended recipients to be added to emails processed through the Bitdefender GravityZone Security for Email solution. This issue is estimated to have affected some users between January 15–20, 2025 according to Censornet. Full incident details are available here: https://censornet.com/ems-rca/

The software defect affected both outbound and inbound email traffic. Each customer affected during our impact analysis is notified through an enterprise support ticket; all available forensic data is provided at an account level.

Censornet identified the root cause and rolled back the problematic update as of January 20, 2025, restoring normal functionality and announced the issue has been resolved.

Due to the nature of the bug, the issue occurred under specific platform overload situations. The full impact analysis is still ongoing. We are sending this notification to all users of GravityZone Security for Email to ensure full transparency.

If you are among the customers identified by our joint Bitdefender-Censornet impact analysis investigation, Bitdefender’s support team will open a ticket to communicate directly with you and provide additional details. If you haven’t received a support ticket but suspect an issue, please contact us at  [email protected]  for assistance.

Censornet and Bitdefender do not have access to the content of customer emails.

However, the unintended inclusion of recipients may have resulted in privacy concerns, depending on the content of the email. If you are among the customers identified by our joint Bitdefender-Censornet impact analysis investigation, Bitdefender’s support team will open when information is available, a ticket to communicate directly with you and provide additional known details.

Bitdefender acted immediately upon identifying the issue by engaging with Censornet to escalate the matter and initiate a thorough investigation. The problematic update was promptly rolled back, and the root cause was addressed. As the investigation continues, we are committed to providing regular updates to our customers and partners. Additionally, we are conducting a comprehensive review of Censornet’s processes to prevent similar incidents in the future.

At this time, unless you have received a support ticket from Bitdefender Enterprise Support there is no required action from your side. However, if you have concerns about specific email communications, we recommend reviewing your email logs and contacting our support team if you need further assistance.

In parallel with the ongoing investigation, Bitdefender is conducting a comprehensive review of Censornet’s processes to ensure stricter controls are implemented. This issue stemmed from a software update, which, under standard business practices, does not typically require prior approval or notification. However, once the investigation is finalized and findings are fully assessed, Bitdefender will implement a set of appropriate measures to establish greater oversight and control over future updates.

If you have further questions or need assistance, please contact our support team at [email protected], and we will be happy to help.

If your customer is among the customers we know to date were affected, Bitdefender’s support team has opened a ticket to communicate directly with them and provide additional details. We will continue to address tickets as new information arises.  If you have a customer who hasn’t received a support ticket but suspects an issue, please contact us at [email protected] for assistance.