Security and data analytics firm Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week.
The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic AWS account.
Sumo Logic says its systems and networks weren’t impacted during the breach and that “customer data has been and remains encrypted.”
“Immediately upon detection we locked down the exposed infrastructure and rotated every potentially exposed credential for our infrastructure out of an abundance of caution,” the company said.
“We’re continuing to thoroughly investigate the origin and extent of this incident. We have identified the potentially exposed credentials and have added additional security measures to further protect our systems.”
These measures involve enhanced monitoring and addressing potential vulnerabilities to prevent similar incidents in the future. The company also continues to monitor network and system logs to identify any indications of additional malicious activity.
Customers advised to rotate API keys
In light of these developments, Sumo Logic advised customers to rotate credentials used to access its services or any credentials shared with Sumo Logic for accessing other systems.
Sumo Logic customers should immediately rotate their API access keys and should also reset the following as a precautionary measure:
- Sumo Logic installed collector credentials
- Third-party credentials that have been stored with Sumo for the purpose of data collection by the hosted collector (e.g., credentials for S3 access)
- Third-party credentials that have been stored with Sumo as part of webhook connection configuration
- User passwords to Sumo Logic accounts
“While the investigation into this incident is ongoing, we remain committed to doing everything we can to promote a safe and secure digital experience,” the company said.
“We’ll immediately notify customers if evidence of malicious access to their Sumo Logic accounts is found. Customers may find updates at our Security Response Center.”
Sumo Logic operates a cloud-native SaaS analytics platform providing customers with log analytics, infrastructure monitoring, cloud infrastructure security services, and more.
In May, private equity firm Francisco Partners acquired the company for $1.7 billion. Its customer list includes many tech companies like Samsung, Okta, SAP, F5, Airbnb, SEGA, 23andme, Toyota, and others.