Data analytics and security company Sumo Logic has suffered a security breach, forcing it to shut down some parts of its system and urge users to rotate their API keys.
According to a BleepingComputer report, the company confirmed the breach and said it discovered evidence of unauthorized access on Friday, November 3.
Apparently, a threat actor used stolen credentials to gain access to the company’s Amazon Web Services (AWS) account. “Customer data has been and will remain encrypted,” the company added, saying its systems and networks were unaffected by the incident.
Ongoing investigation
“Immediately upon detection, we shut down the exposed infrastructure and, out of an abundance of caution, rotated all potentially exposed credentials to our infrastructure,” Sumo Logic said. “We continue to thoroughly investigate the origin and scope of this incident. We have identified the potentially exposed credentials and have added additional security measures to further protect our systems.”
These additional security measures include enhanced monitoring and addressing potential vulnerabilities. Sumo Logic will also continue to monitor network and system logs for further indicators of compromise.
The company also told its customers to update the login credentials they use to access the services, as well as any other login credentials they have shared with Sumo Logic.
In addition to rotating their API access keys, users must reset Sumo Logic-installed collection credentials, Sumo-stored third-party credentials, and user passwords on Sumo Logic accounts.
“While the investigation into this incident is ongoing, we remain committed to doing everything we can to promote a safe digital experience,” the company said. “We will immediately notify customers if evidence of malicious access to their Sumo Logic accounts is found. Customers can find updates in our Security Response Center.”
Sumo Logic is a cloud-based machine data analytics company with a focus on security, operations and business intelligence use cases. It provides log management and analytics services that leverage machine-generated big data.
The company was founded in early 2010 and is headquartered in Redwood City, California.