3CX: Difference between revisions - Consumer Rights Wiki

(17 intermediate revisions by 11 users not shown)

Line 1:

3CX, Inc., is a software development company and developer of the 3CX Phone System.

[[wikipedia:3CX|3CX, Inc.]], is a software development company and developer of the 3CX Phone System<ref name=":0">{{Cite web |last= |title=ENTERPRISE GRADE PHONE SYSTEM |url=https://www.3cx.com/phone-system/ |archive-url=https://web.archive.org/web/20250813032918/https://www.3cx.com/phone-system/ |archive-date=2025-08-13 |access-date=2025-08-13 |website=3cx.com}}</ref> founded in Cyprus in 2005-11-01.

~~The~~ 3CX Phone System is a software private branch exchange based on the SIP (Session Initiation Protocol) standard to allow calls via the public switched telephone network (PSTN) or via Voice over Internet Protocol (VoIP) services.

{{CompanyCargo

| Founded = 2005-11-01

| Industry = Telecommunication

| Website = https://www.3cx.com/

| Logo = 3CX Logo Grey background-1028917583.png

| Type = Private

}}

~~== Nick Galea ==~~

The 3CX Phone System is a digital [[wikipedia:Private_branch_exchange|private branch exchange]] based on the [[wikipedia:Session_Initiation_Protocol|Session Initiation Protocol]] (SIP) standard facilitating calls via either the [[wikipedia:Public_switched_telephone_network|public switched telephone network (PSTN)]] or using [[wikipedia:Voice_over_IP|Voice over Internet Protocol]] (VoIP) services <ref name=":0" />.

~~'''Nick Galea'''~~ is ~~the founder and Chief Technology Officer (CTO) of 3CX,~~ a ~~software-based~~ private branch exchange (~~PBX~~) ~~provider headquartered in Cyprus. He is known for leading~~ the ~~development of 3CX Phone System, a~~ VoIP ~~PBX solution used globally by small and medium-sized businesses~~.

=== ~~Career~~ ===

In 2023, during a major supply chain attack affecting the 3CX desktop application, the company's public response included engaging the services of Google-owned cybersecurity firm [[wikipedia:Mandiant|Mandiant]]<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://web.archive.org/web/20250627055223/https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=thehackernews.com}}</ref> and advising customers to uninstall affected versions.

~~Galea founded 3CX in 2005 and initially served as CEO~~. ~~Under his leadership~~, ~~the company grew from a Windows~~-~~only PBX provider to offering cross~~-~~platform support including Linux, Android,~~ and ~~iOS clients. The software became popular due~~ to ~~its web-based interface and support for SIP-standard devices~~.

In 2023, during a major supply chain attack affecting the 3CX desktop application, Galea oversaw the company's public response, including engaging cybersecurity firm Mandiant and advising customers to uninstall affected versions. His communication during the breach received mixed reactions from the broader IT and managed service provider (MSP) communities.[[3CX#user-content-fn-1|1]][[3CX#user-content-fn-2|2]]

==Controversies==

== ~~Controversies~~ ==

====Customer and Partner Relations====

The company's CTO, Nick Galea, has been the subject of criticism from some 3CX users and partners for alleged heavy-handed moderation practices and perceived unprofessional conduct in public forums. Multiple users on Reddit have reported being banned from the official 3CX community forums for raising technical concerns or criticizing company policies. <ref>{{Cite web |title=My 3CX Partnership Deleted and All Linked Clients Lost |url=https://www.reddit.com/r/3CX/comments/xev0u5/my_3cx_partnership_deleted_and_all_linked_clients/}}</ref><ref>{{Cite web |title=Banned from the 3CX Community |url=https://www.reddit.com/r/3CX/comments/xn0ztp/banned_from_the_3cx_community/}}</ref>

==== ~~Customer and Partner Relations~~ ====

====Supply Chain Incident Response====

~~Nick Galea has been~~ the ~~subject~~ of ~~criticism from some 3CX users and partners for alleged heavy~~-~~handed moderation practices and perceived unprofessional conduct in public forums~~. ~~Multiple users on Reddit have reported being banned from~~ the ~~official 3CX community forums for raising technical concerns or criticizing company policies~~.<~~sup~~>[[3CX~~#user~~-~~content~~-fn-3|~~3]][[3CX#user~~-~~content~~-fn-4|~~4]]~~</~~sup~~>

In March 2023, 3CX was the victim of a high-profile supply chain hack, thought to be the result of a cascade failure starting with the software X_Trader. This attack was linked to an earlier incident perpetrated by North Korean hackers, targeting software company [https://www.marketswiki.com/wiki/Trading_Technologies_International Trading Technologies]. A 3CX employee's PC containing the Trading Technologies App was used by the hackers to compromise their software and distribute malware to consumers. <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref><ref name=":1" />

~~A recurring theme~~ in ~~these reports includes:~~

3CX also faced backlash for requiring users to pay a fee when opening support tickets during the breach, which led to further public criticism from system administrators and IT professionals.<ref name=":1">{{Cite web |last=CrowdStrike |date=2023-03-29 |title=// 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers // |url=https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ |website=reddit}}</ref><blockquote>"I have been in contact with 3CX and their suggestion is to open a support ticket at £75 per incident. Ludicrous." -wars_t (reddit.com) </blockquote>

* '''Forum bans for dissenting feedback''': Users claimed Galea personally blocked access to forums or terminated partnerships following criticism.[[3CX#user-content-fn-4|4]]

==References:==

* '''Removal of public complaints''': Several threads were deleted from Reddit and the 3CX community forums after users described negative experiences with Galea or 3CX leadership.[[3CX#user-content-fn-3|3]][[3CX#user-content-fn-5|5]]

* '''Alleged partner retaliation''': Some partners allege that their access to client accounts was revoked without prior warning.[[3CX#user-content-fn-6|6]]

[[Category:3CX]]

==== ~~Supply Chain Incident Response ====~~

In March 2023, 3CX was the victim of a high-profile supply chain attack, with desktop clients distributed via trojanized updates. During the incident, Galea issued statements that were later scrutinized for tone. A now-deleted Reddit comment attributed to Galea dismissed concerns by saying the issue was “not an exploit, it’s a feature,” which some MSPs interpreted as flippant.[[3CX#user-content-fn-7|7]]

In addition, 3CX faced backlash for requiring users to pay to open support tickets during the breach, which led to further public criticism from system administrators and IT professionals.[[3CX#user-content-fn-1|1]]</~~sup~~>

~~== References: ==~~

~~# “20230329 Situational Awareness - Crowdstrike,” ''r/crowdstrike'', Reddit [https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ thread]~~

~~# “3CX desktop app compromised, abused in supply chain attack,” ''TechTarget'', [https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ techtarget.com]~~

~~# “My 3CX Partnership Deleted and All Linked Clients Lost,” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/xev0u5/my_3cx_partnership_deleted_and_all_linked_clients/ thread]~~

~~# “Stay Away from 3CX,” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/1amkm5f/stay_away_from_3cx/ thread]~~

~~# “Banned from the 3CX Community,” ''r/3CX'', Reddit~~ [~~https://www.reddit.com/r/3CX/comments/xn0ztp/banned_from_the_3cx_community/ thread]~~

~~# “Anyone else ever been fired by 3CX as a customer?” ''r/3CX'', Reddit~~ [~~https~~:~~//www.reddit.com/r/~~3CX~~/comments/w7tyg7/anyone_else_ever_been_fired_by_3cx_as_a_customer/ thread~~]

~~# “3CX Compromise Confirmed by Nick,” ''r/msp'', Reddit [https://www.reddit.com/r/msp/comments/126ckmg/3cx_compromise_confirmed_by_nick/ thread~~]

@@ Line 1: / Line 1: @@
-CX, Inc., is a software development company and developer of the 3CX Phone System.
+{{StubNotice}}
+[[wikipedia:3CX|3CX, Inc.]], is a software development company and developer of the 3CX Phone System<ref name=":0">{{Cite web |last= |title=ENTERPRISE GRADE PHONE SYSTEM |url=https://www.3cx.com/phone-system/ |archive-url=https://web.archive.org/web/20250813032918/https://www.3cx.com/phone-system/ |archive-date=2025-08-13 |access-date=2025-08-13 |website=3cx.com}}</ref> founded in Cyprus in 2005-11-01.
-The 3CX Phone System is a software private branch exchange based on the SIP (Session Initiation Protocol) standard to allow calls via the public switched telephone network (PSTN) or via Voice over Internet Protocol (VoIP) services.
+{{CompanyCargo
+| Founded = 2005-11-01
+| Industry = Telecommunication
+| Website = https://www.3cx.com/
+| Logo = 3CX Logo Grey background-1028917583.png
+| Type = Private
+}}
-== Nick Galea ==
+The 3CX Phone System is a digital [[wikipedia:Private_branch_exchange|private branch exchange]] based on the [[wikipedia:Session_Initiation_Protocol|Session Initiation Protocol]] (SIP) standard facilitating calls via either the [[wikipedia:Public_switched_telephone_network|public switched telephone network (PSTN)]] or using [[wikipedia:Voice_over_IP|Voice over Internet Protocol]] (VoIP) services <ref name=":0" />.
-'''Nick Galea''' is the founder and Chief Technology Officer (CTO) of 3CX, a software-based private branch exchange (PBX) provider headquartered in Cyprus. He is known for leading the development of 3CX Phone System, a VoIP PBX solution used globally by small and medium-sized businesses.
-=== Career ===
+In 2023, during a major supply chain attack affecting the 3CX desktop application, the company's public response included engaging the services of Google-owned cybersecurity firm [[wikipedia:Mandiant|Mandiant]]<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://web.archive.org/web/20250627055223/https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=thehackernews.com}}</ref> and advising customers to uninstall affected versions.
-Galea founded 3CX in 2005 and initially served as CEO. Under his leadership, the company grew from a Windows-only PBX provider to offering cross-platform support including Linux, Android, and iOS clients. The software became popular due to its web-based interface and support for SIP-standard devices.
-In 2023, during a major supply chain attack affecting the 3CX desktop application, Galea oversaw the company's public response, including engaging cybersecurity firm Mandiant and advising customers to uninstall affected versions. His communication during the breach received mixed reactions from the broader IT and managed service provider (MSP) communities.<sup>[[3CX#user-content-fn-1|1]][[3CX#user-content-fn-2|2]]</sup>
+==Controversies==
-== Controversies ==
+====Customer and Partner Relations====
+The company's CTO, Nick Galea, has been the subject of criticism from some 3CX users and partners for alleged heavy-handed moderation practices and perceived unprofessional conduct in public forums. Multiple users on Reddit have reported being banned from the official 3CX community forums for raising technical concerns or criticizing company policies. <ref>{{Cite web |title=My 3CX Partnership Deleted and All Linked Clients Lost |url=https://www.reddit.com/r/3CX/comments/xev0u5/my_3cx_partnership_deleted_and_all_linked_clients/}}</ref><ref>{{Cite web |title=Banned from the 3CX Community |url=https://www.reddit.com/r/3CX/comments/xn0ztp/banned_from_the_3cx_community/}}</ref>
-==== Customer and Partner Relations ====
+====Supply Chain Incident Response====
-Nick Galea has been the subject of criticism from some 3CX users and partners for alleged heavy-handed moderation practices and perceived unprofessional conduct in public forums. Multiple users on Reddit have reported being banned from the official 3CX community forums for raising technical concerns or criticizing company policies.<sup>[[3CX#user-content-fn-3|3]][[3CX#user-content-fn-4|4]]</sup>
+In March 2023, 3CX was the victim of a high-profile supply chain hack, thought to be the result of a cascade failure starting with the software X_Trader. This attack was linked to an earlier incident perpetrated by North Korean hackers, targeting software company [https://www.marketswiki.com/wiki/Trading_Technologies_International Trading Technologies]. A 3CX employee's PC containing the Trading Technologies App was used by the hackers to compromise their software and distribute malware to consumers. <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref><ref name=":1" />
-A recurring theme in these reports includes:
+CX also faced backlash for requiring users to pay a fee when opening support tickets during the breach, which led to further public criticism from system administrators and IT professionals.<ref name=":1">{{Cite web |last=CrowdStrike |date=2023-03-29 |title=// 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers // |url=https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ |website=reddit}}</ref><blockquote>"I have been in contact with 3CX and their suggestion is to open a support ticket at £75 per incident. Ludicrous." -wars_t (reddit.com) </blockquote>
-* '''Forum bans for dissenting feedback''': Users claimed Galea personally blocked access to forums or terminated partnerships following criticism.<sup>[[3CX#user-content-fn-4|4]]</sup>
+==References:==
-* '''Removal of public complaints''': Several threads were deleted from Reddit and the 3CX community forums after users described negative experiences with Galea or 3CX leadership.<sup>[[3CX#user-content-fn-3|3]][[3CX#user-content-fn-5|5]]</sup>
+<references />
-* '''Alleged partner retaliation''': Some partners allege that their access to client accounts was revoked without prior warning.<sup>[[3CX#user-content-fn-6|6]]</sup>
+[[Category:3CX]]
-==== Supply Chain Incident Response ====
-In March 2023, 3CX was the victim of a high-profile supply chain attack, with desktop clients distributed via trojanized updates. During the incident, Galea issued statements that were later scrutinized for tone. A now-deleted Reddit comment attributed to Galea dismissed concerns by saying the issue was “not an exploit, it’s a feature,” which some MSPs interpreted as flippant.<sup>[[3CX#user-content-fn-7|7]]</sup>
-In addition, 3CX faced backlash for requiring users to pay to open support tickets during the breach, which led to further public criticism from system administrators and IT professionals.<sup>[[3CX#user-content-fn-1|1]]</sup>
-== References: ==
-# “20230329 Situational Awareness - Crowdstrike,” ''r/crowdstrike'', Reddit [https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ thread]
-# “3CX desktop app compromised, abused in supply chain attack,” ''TechTarget'', [https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ techtarget.com]
-# “My 3CX Partnership Deleted and All Linked Clients Lost,” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/xev0u5/my_3cx_partnership_deleted_and_all_linked_clients/ thread]
-# “Stay Away from 3CX,” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/1amkm5f/stay_away_from_3cx/ thread]
-# “Banned from the 3CX Community,” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/xn0ztp/banned_from_the_3cx_community/ thread]
-# “Anyone else ever been fired by 3CX as a customer?” ''r/3CX'', Reddit [https://www.reddit.com/r/3CX/comments/w7tyg7/anyone_else_ever_been_fired_by_3cx_as_a_customer/ thread]
-# “3CX Compromise Confirmed by Nick,” ''r/msp'', Reddit [https://www.reddit.com/r/msp/comments/126ckmg/3cx_compromise_confirmed_by_nick/ thread]