We identified a potential security vulnerability in the website sandbox. This was never exposed externally, i.e. only Brick River users with significant system knowledge would have been able to exploit it.
A code change was made to resolve the issue. We did also go back through the database to verify that this vulnerability was never exploited.
We did also enhance the security of our secure URL generator.