I've gone ahead and pasted the full email below:
We know that SMBs and MSPs are becoming a larger target for threat actors. Last week, a small number of MSPs were impacted by a threat actor who could have been thwarted with more consistent cyber hygiene. Since then, we’ve talked to customers and worked across our product and engineering teams to assess our current product functionalities.
I want to underline that Webroot was not breached, and our products were not compromised.
As a response to the threat activity, we made it mandatory for all customers to use our secondary security code. After thoughtful consideration to both the product and customer impact, Webroot also decided to disable agent commands used to remotely execute files. Disabling these agent commands prevents potential misuse in customer environments.
This is part of our ongoing strategic approach to provide additional cybersecurity measures to protect against the evolving threat landscape. We will continue to evolve our product and appreciate the input from our customers.
If you need additional assistance, please open a ticket with our customer support team or connect on our Community.
WEBROOT, a Carbonite company