3CX: Difference between revisions - Consumer Rights Wiki

Line 2:

3CX, Inc., is a software development company and developer of the 3CX Phone System<ref name=":0">{{Cite web |last=3CX |title=ENTERPRISE GRADE PHONE SYSTEM |url=https://www.3cx.com/phone-system/ |archive-url=https://web.archive.org/web/20250813032918/https://www.3cx.com/phone-system/ |archive-date=2025-08-12 |access-date=2025-08-12 |website=3cx.com}}</ref>.

The 3CX Phone System is a software private branch exchange based on the ~~SIP (~~Session Initiation Protocol) standard to allow calls via the public switched telephone network (PSTN) or via Voice over Internet Protocol (VoIP) services <ref name=":0" />.

The 3CX Phone System is a software private branch exchange based on the [[wikipedia:Session_Initiation_Protocol|Session Initiation Protocol]] (SIP) standard to allow calls via the public switched telephone network (PSTN) or via [[wikipedia:Voice_over_IP|Voice over Internet Protocol]] (VoIP) services <ref name=":0" />.

In 2023, during a major supply chain attack affecting the 3CX desktop application, company's public response included engaging the services of Google-owned cybersecurity firm Mandiant<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=hehackernews.com}}</ref> and advising customers to uninstall affected versions.

In 2023, during a major supply chain attack affecting the 3CX desktop application, company's public response included engaging the services of Google-owned cybersecurity firm [[wikipedia:Mandiant|Mandiant]]<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=hehackernews.com}}</ref> and advising customers to uninstall affected versions.

==Controversies==

Line 12:

====Supply Chain Incident Response====

In March 2023, 3CX was the victim of a high-profile supply chain attack, ~~through~~ to be the result of a cascade failure starting with the software X_Trader. This attack was likely caused by North Korean state-sponsored hackers <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref>

In March 2023, 3CX was the victim of a high-profile supply chain attack, thought to be the result of a cascade failure starting with the software X_Trader. This attack was likely caused by North Korean state-sponsored hackers. <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref>

3CX also faced backlash for requiring users to pay to open support tickets during the breach, which led to further public criticism from system administrators and IT professionals.<ref>{{Cite web |last=CrowdStrike |date=2023-03-29 |title=// 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers // |url=https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ |website=reddit}}</ref><blockquote>"I have been in contact with 3CX and their suggestion is to open a support ticket at £75 per incident. Ludicrous." -wars_t (reddit.com) </blockquote>

@@ Line 2: / Line 2: @@
 CX, Inc., is a software development company and developer of the 3CX Phone System<ref name=":0">{{Cite web |last=3CX |title=ENTERPRISE GRADE PHONE SYSTEM |url=https://www.3cx.com/phone-system/ |archive-url=https://web.archive.org/web/20250813032918/https://www.3cx.com/phone-system/ |archive-date=2025-08-12 |access-date=2025-08-12 |website=3cx.com}}</ref>.
-The 3CX Phone System is a software private branch exchange based on the SIP (Session Initiation Protocol) standard to allow calls via the public switched telephone network (PSTN) or via Voice over Internet Protocol (VoIP) services <ref name=":0" />.
+The 3CX Phone System is a software private branch exchange based on the [[wikipedia:Session_Initiation_Protocol|Session Initiation Protocol]] (SIP) standard to allow calls via the public switched telephone network (PSTN) or via [[wikipedia:Voice_over_IP|Voice over Internet Protocol]] (VoIP) services <ref name=":0" />.
-In 2023, during a major supply chain attack affecting the 3CX desktop application, company's public response included engaging the services of  Google-owned cybersecurity firm Mandiant<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=hehackernews.com}}</ref> and advising customers to uninstall affected versions.
+In 2023, during a major supply chain attack affecting the 3CX desktop application, company's public response included engaging the services of Google-owned cybersecurity firm [[wikipedia:Mandiant|Mandiant]]<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=Mar 31, 2023 |title=3CX Supply Chain Attack — Here's What We Know So Far |url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-url=https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html |archive-date=June 27, 2025 |access-date=2025-08-12 |website=hehackernews.com}}</ref> and advising customers to uninstall affected versions.
 ==Controversies==
@@ Line 12: / Line 12: @@
 ====Supply Chain Incident Response====
-In March 2023, 3CX was the victim of a high-profile supply chain attack, through to be the result of a cascade failure starting with the software X_Trader. This attack was likely  caused by North Korean state-sponsored hackers <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref>
+In March 2023, 3CX was the victim of a high-profile supply chain attack, thought to be the result of a cascade failure starting with the software X_Trader. This attack was likely caused by North Korean state-sponsored hackers. <ref>{{Cite news |last=Greenberg |first=Andy |date=Apr 20, 2023 |title=The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks |url=https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-url=https://web.archive.org/web/20250726115243/https://www.wired.com/story/3cx-supply-chain-attack-times-two/ |archive-date=July 26, 2025 |work=Wired |pages=2025-08-12}}</ref>
 CX also faced backlash for requiring users to pay to open support tickets during the breach, which led to further public criticism from system administrators and IT professionals.<ref>{{Cite web |last=CrowdStrike |date=2023-03-29 |title=// 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers // |url=https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/ |website=reddit}}</ref><blockquote>"I have been in contact with 3CX and their suggestion is to open a support ticket at £75 per incident. Ludicrous." -wars_t (reddit.com) </blockquote>