Pierluigi Paganini
November 08, 2023
Sumo Logic is a cybersecurity company that specializes in cloud-based log management and analytics. The company disclosed a security breach after discovering that its AWS account was compromised last week.
The company discovered the security breach on Friday, November 3, 2023.
“On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account.” reads the security notice published by the company. “We have not at this time discovered any impacts to our networks or systems, and customer data has been and remains encrypted.”
The company pointed out that its systems and networks were not impacted and customer data were encrypted.
In response to the security incident, the company locked down the impacted infrastructure and rotated every potentially exposed credential for its infrastructure. The investigation is still ongoing to determine the scope of the incident.
“We have identified the potentially exposed credentials and have added extra security measures to further protect our systems.” concludes the notice. “This includes improved monitoring and fixing any possible gaps to prevent any similar events and we are continuing to monitor our logs to look for further signs of malicious activity. We have taken actions to stop the threat to our infrastructure and are advising customers to rotate their credentials.”
The cybersecurity firm recommends customers rotate credentials that are either used to access Sumo Logic or that they have provided to the company to access other systems.
The company recommends that customers promptly rotate their Sumo Logic API access keys.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, security breach)
