Sumo Logic, a U.S.-based cloud knowledge analytics and log evaluation firm, is urging customers to reset API keys after discovering a security breach.
In a security discover revealed this week, Sumo Logic confirmed it had found proof of a possible security incident on November 3. The incident concerned an attacker utilizing compromised credentials to entry a Sumo Logic AWS account. After discovering the incident, Sumo Logic says it locked down the uncovered infrastructure and rotated each probably uncovered credential for his or her infrastructure “out of an abundance of warning.”
The corporate didn’t instantly reply to information.killnetswitch’s questions.
Sumo Logic says there is no such thing as a indication that the corporate’s networks or methods have been impacted and stated buyer knowledge “has been and stays encrypted.” Nonetheless, the corporate is advising prospects to “rotate credentials which might be both used to entry Sumo Logic or that you’ve got offered to Sumo Logic to entry different methods.”
The corporate says customers ought to instantly rotate their API entry keys and also needs to reset Sumo Logic-installed collector credentials, third-party credentials which have been saved with Sumo, akin to credentials for S3 entry and person passwords for Sumo Logic accounts.
Sumo Logic, which was taken non-public earlier this yr after being acquired by non-public fairness agency Francisco Companions for $1.7 billion, says it has greater than 2,100 prospects, together with 23andMe, Okta and Samsung.
“We’re persevering with to totally examine the origin and extent of this incident,” the corporate stated. It added that it has recognized the possibly uncovered credentials and has added additional security measures “to additional shield our methods,” together with improved monitoring.
Sumo Logic has not stated what number of credentials had been compromised or how these credentials had been compromised.
“Whereas the investigation into this incident is ongoing, we stay dedicated to doing every little thing we are able to to advertise a protected and safe digital expertise,” the corporate stated. “We’ll immediately notify prospects if proof of malicious entry to their Sumo Logic accounts is discovered.”
