Cloud monitoring, log administration, and SIEM instruments supplier Sumo Logic is urging prospects to vary credentials following the invention of a security breach.
The corporate revealed on Tuesday {that a} “potential security incident” found on November 3 concerned unauthorized entry to a Sumo Logic AWS account via using compromised credentials.
There isn’t a indication that the corporate’s techniques, networks, or buyer knowledge have been impacted. Nonetheless, customers have been suggested to “rotate credentials which are both used to entry Sumo Logic or that you’ve offered to Sumo Logic to entry different techniques”.
Essentially the most pressing are API entry keys, however as a precaution customers must also change Sumo Logic put in collector credentials, third-party credentials saved with Sumo, and person passwords for Sumo accounts.
Sumo Logic mentioned its investigation is ongoing and it’ll immediately notify prospects if it discovers malicious entry to accounts.
“Instantly upon detection we locked down the uncovered infrastructure and rotated each doubtlessly uncovered credential for our infrastructure out of an abundance of warning. We’re persevering with to totally examine the origin and extent of this incident. We’ve got recognized the possibly uncovered credentials and have added further security measures to additional defend our techniques,” the corporate mentioned in its security discover.
Sumo Logic was taken personal earlier this 12 months after being acquired by personal fairness agency Francisco Companions for $1.7 billion. The corporate laid off dozens of workers following the takeover.