Sumo Logic discloses security breach, advises API key resets

Sumo Logic discloses security breach, advises API key resets

November 8, 2023 at 01:31PM

Security and data analytics company, Sumo Logic, disclosed a security breach after its AWS account was compromised. The breach was discovered on November 3rd when an attacker used stolen credentials to gain access. Customer data remains encrypted, and Sumo Logic has implemented extra security measures and advised customers to rotate API keys and reset certain credentials as a precautionary measure. Sumo Logic continues to investigate the incident and is committed to promoting a safe and secure digital experience for its customers.

Key Takeaways from Meeting Notes:

1. Sumo Logic discovered a security breach in their AWS account, which was compromised due to stolen credentials.
2. The breach did not affect Sumo Logic’s systems or networks, and customer data remains encrypted.
3. Immediate action was taken to secure the exposed infrastructure and rotate potentially vulnerable credentials.
4. Sumo Logic is conducting a thorough investigation to determine the origin and extent of the incident.
5. They have implemented enhanced security measures and continue to monitor network and system logs for any malicious activity.
6. Sumo Logic advises customers to rotate API access keys and reset various credentials used for data collection, webhook connections, and Sumo Logic accounts.
7. Sumo Logic will directly notify customers if evidence of malicious access to their accounts is found.
8. Customers can find updates at Sumo Logic’s Security Response Center.
9. Sumo Logic, a security and data analytics company, offers a cloud-native SaaS analytics platform.
10. Francisco Partners acquired Sumo Logic for $1.7 billion in May, and its customer base includes prominent tech companies.

Full Article