Regarding Today’s Service Attack

At approximately 6:45 AM EST we identified sporadic failures with access to our service. An initial inquiry has revealed that there was a breach at our domain registrar that resulted in the WHOIS record of being modified to point to a different DNS server. That DNS server had been configured to point Gigya’s CDN domain ( to a server controlled by the hackers, where they served a file called “socialize.js” with an alert claiming that the site had been hacked by the Syrian Electronic Army.

To be absolutely clear: neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised. Rather, the attack only served other JavaScript files instead of those served by Gigya.

The WHOIS record was corrected at 7:40 AM EST. However, due to the nature of WHOIS and DNS operation, this fix is expected to take more time to fully propagate. If you still experience issues in the next hour, please contact Gigya Support.

Gigya has the highest levels of security around our service and user data. We have put additional measures in place to protect against this type of attack in the future.

Thank you for your patience.


Patrick Salyer, CEO

By Patrick Salyer