PSA: Grandstream's GDMS Cloud Management Portal Hack

The Grandstream Device Management System (GDMS) cloud platform has been compromised. Multiple Managed Service Providers (MSPs) report that SIP credentials stored in GDMS have been stolen and misused internationally, including in the US.

Grandstream has sent an email acknowledging the breach but is still investigating the cause. They recommend changing your logins and SIP credentials immediately.

https://www.reddit.com/r/VOIP/comments/1gxp29l/grandstream_sends_notice_of_gdms_security_incident/

4 Likes

I have not received an email about it yet, but when I logged in this morning I did receive a notice about “unusual activity” and a message that I needed to change my SIP passwords.
Screenshot 2024-11-25 095833

Thank you for posting this… I likely wouldn’t have logged into my GDMS account until I had to provision another phone, which might be weeks or even months from now.

1 Like

I’m glad I use only white-listed IP’s.