In regards to the security vulnerability in Java (log4j), we want to let you know we’ve taken steps to protect your personal information at Method.
What is log4j?
This Apache Log4j Remote Code Execution Vulnerability exploits a free tool called log4j, which many programs use to log information. A malicious user can take advantage of user's data stored in the log files and gain access to the system the tool is hosted on.
Since the vulnerability was made known, log4j has been updated to avoid this attack.
Your data is protected in Method
At Method, you will be happy to know that we do not store the user's data the vulnerability takes advantage of. We conducted a full code review to validate that Method wasn't impacted.
If you’d like more information about log4j, the Cybersecurity and Infrastructure Security Agency (CISA) has released a statement that you can read here.
Thank you for being a valued Method customer. Your trust means everything to us.