Safety and information analytics firm Sumo Logic disclosed a safety breach after discovering that its AWS (Amazon Internet Companies) account was compromised final week.
The corporate detected proof of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to realize entry to a Sumo Logic AWS account.
Sumo Logic says its programs and networks weren’t impacted in the course of the breach and that “buyer information has been and stays encrypted.”
“Instantly upon detection we locked down the uncovered infrastructure and rotated each probably uncovered credential for our infrastructure out of an abundance of warning,” the corporate mentioned.
“We’re persevering with to totally examine the origin and extent of this incident. We have now recognized the doubtless uncovered credentials and have added further safety measures to additional defend our programs.”
These measures contain enhanced monitoring and addressing potential vulnerabilities to stop related incidents sooner or later. The corporate additionally continues to observe community and system logs to determine any indications of extra malicious exercise.
Clients suggested to rotate API keys
In gentle of those developments, Sumo Logic suggested prospects to rotate credentials used to entry its providers or any credentials shared with Sumo Logic for accessing different programs.
Sumo Logic prospects ought to instantly rotate their API entry keys and also needs to reset the next as a precautionary measure:
- Sumo Logic put in collector credentials
- Third-party credentials which have been saved with Sumo for the aim of knowledge assortment by the hosted collector (e.g., credentials for S3 entry)
- Third-party credentials which have been saved with Sumo as a part of webhook connection configuration
- Consumer passwords to Sumo Logic accounts
“Whereas the investigation into this incident is ongoing, we stay dedicated to doing every thing we will to advertise a protected and safe digital expertise,” the corporate mentioned.
“We’ll straight notify prospects if proof of malicious entry to their Sumo Logic accounts is discovered. Clients might discover updates at our Safety Response Heart.”
Sumo Logic operates a cloud-native SaaS analytics platform offering prospects with log analytics, infrastructure monitoring, cloud infrastructure safety providers, and extra.
In Could, personal fairness agency Francisco Companions acquired the corporate for $1.7 billion. Its buyer record contains many tech corporations like Samsung, Okta, SAP, F5, Airbnb, SEGA, 23andme, Toyota, and others.
