Sumo Logic says customer data untouched during breach The Register

Sumo Logic has confirmed that no customer data was compromised as a result of the potential security breach it discovered on November 3. In a customer update that includes the results of the investigation verified by third-party forensic specialists, Sumo Logic, maker of the SaaS log analytics platform, said it now considers the case closed. "We remain committed to providing all of our customers with secure and reliable digital experience and are doing everything we can to emerge safer from this incident," it said. "To that end, we will be undertaking additional evaluation to learn from this incident and identify any measures or modifications to prevent future incidents." The data analytics biz first revealed on November 7 that it had detected activity indicating that one of its AWS accounts had been accessed using a compromised credential. It wasn't able to confirm at the time whether customer data was compromised but did say that, like always, it remained encrypted. In response, Sumo Logic "Immediately" secured the exposed infrastructure and worked to identify any customer credentials that were potentially exposed to the individual who accessed the AWS account. Those thought to be at risk of exposure were automatically rotated by the company "Out of an abundance of caution," as well as adding additional security measures to Sumo Logic's systems. Every customer, regardless of whether their credentials were believed to be at risk, was advised at the time to rotate their credentials too. This applied to those used to access both Sumo Logic's platform directly and those provided to the company to access other systems. Special emphasis was placed on rotating Sumo Logic API access keys - the company advised all customers to change them immediately. As an additional precautionary measure, it also recommended changing third-party credentials stored by the company as part of webhook connection configuration. From there, Sumo Logic provided regular updates to customers, with new posts to its security response center appearing every two to three days. The speed and content of its disclosure were praised by experts such as Jason Kent, hacker in residence at Cequence Security. "No breach is good news but look at how quickly and cleanly the response from their security team was orchestrated. It seems like customer-side data wasn't impacted but the suggestion to rotate keys is always a good one in these cases. In fact, a good step would be to invalidate/revoke all the API Keys they think could be impacted." "All of us should use this as a lesson to make sure we can react to things quickly and to go looking for persistent API Keys that are being used and rotate them. If it is painful to rotate the keys when there is no urgency, imagine how much harder it will be if you really need to get it done quickly." .

This Cyber News was published on www.theregister.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Sumo Logic says customer data untouched during breach The Register

Sumo Logic says customer data untouched during breach The Register - Sumo Logic has confirmed that no customer data was compromised as a result of the potential security breach it discovered on November 3. In a customer update that includes the results of the investigation verified by third-party forensic specialists, ...
11 months ago Theregister.com
Sumo Logic discloses security breach, advises API key resets - Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week. The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used ...
11 months ago Bleepingcomputer.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
10 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com
Adobe Real-Time CDP: Personalized Customer Experience - Adobe Experience Cloud Products like Adobe Real-Time CDP are available to assist. A revolutionary solution called Adobe Real-Time Customer Data Platform was created to assist companies in realizing the whole value of their customer data. Adobe ...
10 months ago Hackread.com
E-commerce Security: Protecting Customer Data - In today's digital landscape, ensuring the security of customer data in e-commerce is a crucial concern for businesses. Protecting e-commerce data security is a complex task that requires a comprehensive understanding of the challenges faced by ...
9 months ago Securityzap.com
Review: Top 5 For Outsourced Customer Service Solutions UK and Abroad - For companies that have too many phone calls and emails to keep up, it is very common to outsource your customer services, either domestically in the UK or abroad to the likes of India or The Philippines. An outsourced customer service firm can ...
4 months ago Itsecurityguru.org
T-Mobile Admits to 37 Million Customer Records Stolen by ‘Bad Actor’ - In a shocking news, T-Mobile has admitted that 37 million customer records were stolen by a ‘bad actor’. This data breach happened sometime in the year 2020, when the mobile service provider suffered a data breach exposing personal information ...
1 year ago Nakedsecurity.sophos.com
Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds - Joe Sullivan arrived at his sentencing hearing on May 4 this year, prepared to go to jail had the judge not gone with a parole board's recommendation of probation. A federal jury convicted the former Uber CISO months earlier on two charges of fraud ...
11 months ago Darkreading.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
10 months ago Securityboulevard.com
The Rise of Digital Customer Experience - Digital customer experience is a hot topic these days. In all seriousness, digital customer experience is one of the most important differentiators for your business. At its core, DCX is about the customer journey-a guided path for your customers to ...
11 months ago Feedpress.me
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
10 months ago Bleepingcomputer.com
Cooler Master confirms customer info stolen in data breach - Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. Cooler Master is a popular computer hardware manufacturer known for their cooling devices, computer ...
5 months ago Bleepingcomputer.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
11 months ago Bleepingcomputer.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
5 months ago Bleepingcomputer.com
Live Nation finally confirms massive Ticketmaster data breach - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
5 months ago Bleepingcomputer.com
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com
Cooler Master hit by data breach exposing customer information - Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers. Cooler Master is a hardware manufacturer based in ...
5 months ago Bleepingcomputer.com
Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
11 months ago Darkreading.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
Okta: Breach Affected All Customer Support Users - When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of ...
11 months ago Krebsonsecurity.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
9 months ago Bleepingcomputer.com
Mailchimp Data Breach: Companies Affected & How to Protect Yourself - On December 3rd, 2020, a data breach was reported targeting users of MailChimp, one of the most popular email marketing platforms. It is estimated that over 900 million user emails have been exposed in this breach, making it one of the largest in ...
1 year ago Securityaffairs.com
Expanding Reach and Reducing Costs: Cato Enhances Capabilities with Latest Third-Party Integrations - This surge is evident not only in its adoption by organizations of all sizes but also in the increasing number of requests from third-party vendors eager to integrate SASE into their software solutions. This is where Cato API comes into play, ...
10 months ago Itsecurityguru.org

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)