Security and data analytics company Sumo Logic has revealed a security breach after its AWS account was compromised last week. The breach was detected in November, when evidence emerged that an attacker had used stolen credentials to access Sumo Logic’s AWS account.
Fortunately, Sumo Logic asserts that its systems and networks were unaffected by the breach, and customer data has remained encrypted throughout the incident. In response to the breach, the company promptly secured the exposed infrastructure and rotated potentially compromised credentials as a precautionary measure.
Sumo Logic is actively investigating the origin and extent of the incident, implementing additional security measures to fortify its systems. These measures include enhanced monitoring and the resolution of potential vulnerabilities to mitigate the risk of future incidents. Ongoing monitoring of network and system logs is also in place to detect any signs of additional malicious activity.
In light of the breach, Sumo Logic has advised its customers to rotate credentials used to access its services. Customers are urged to reset API access keys and take precautionary steps, including resetting Sumo Logic installed collector credentials, third-party credentials stored with Sumo for data collection, third-party credentials stored for webhook connection configuration, and user passwords for Sumo Logic accounts.
While the investigation is ongoing, Sumo Logic remains committed to ensuring a safe and secure digital experience for its users. The company pledges to directly notify customers if evidence of malicious access to their Sumo Logic accounts is discovered. Customers can find updates and additional information at the Sumo Logic Security Response Center.
Sumo Logic, known for its cloud-native SaaS analytics platform, provides log analytics, infrastructure monitoring, and cloud infrastructure security services. Despite the security breach, the company continues to prioritize its commitment to customer safety and security. The breach has raised concerns about the security of customer data, emphasizing the importance of proactive measures and heightened vigilance in the evolving landscape of cybersecurity threats.