Sumo Logic wrestles with security breach, pins down customer data

Sumo Logic wrestles with security breach, pins down customer data

November 21, 2023 at 11:38AM

Sumo Logic has confirmed that no customer data was compromised in a potential security breach. The company discovered unauthorized access to one of its AWS accounts but quickly secured the infrastructure and rotated customer credentials as a precaution. Sumo Logic will undertake further evaluation to prevent future incidents.

Key takeaways from the meeting notes:

1. Sumo Logic confirmed that no customer data was compromised during the security breach discovered on November 3.
2. The company conducted a thorough investigation, verified by third-party forensic specialists, and considers the case closed.
3. Sumo Logic remains committed to providing secure and reliable digital experiences to all customers.
4. The company will be conducting additional evaluations to learn from the incident and identify measures to prevent future incidents.
5. On November 7, Sumo Logic detected activity indicating that one of its AWS accounts was accessed using a compromised credential.
6. While the extent of the data compromise was initially unclear, Sumo Logic confirmed that customer data remained encrypted.
7. Immediate actions were taken to secure the exposed infrastructure and identify potentially exposed customer credentials.
8. The company automatically rotated credentials believed to be at risk and advised all customers to rotate their credentials as a precautionary measure.
9. Special emphasis was placed on changing Sumo Logic API access keys, as well as third-party credentials stored for webhook connections.
10. Sumo Logic provided regular updates to customers through its security response center.
11. The speed and effectiveness of Sumo Logic’s response to the security breach were praised by experts, emphasizing the importance of quick reaction and proactive measures to protect API keys.

Full Article