Following the security breach, Sumo Logic strongly advises all customers to take precautionary measures and reset their API keys. This step will help ensure the continued security of your data and prevent any potential unauthorized access.
Sumo Logic, Inc. is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that use machine-generated big data.
The investigation found that the company had already taken steps to reduce the additional measures mentioned on November 7th. Specifically, it found that credentials for an external service were entered into Sumo during the setup of a webhook connection.
Potential Security Incident
Sumo Logic discovered evidence of a potential security incident early this month. The activity identified used a compromised credential to access a Sumo Logic AWS account.
According to their statement, the incident did not have any adverse effects on the networks or systems, and all customers’ data remained secure.
They were able to quickly identify and secure the exposed infrastructure and also implemented additional security measures to safeguard the information.
This includes improved monitoring, fixing any possible gaps to prevent similar events, and continuing to monitor its logs for further signs of malicious activity.
To ensure the protection of information, the company suggests implementing various security measures. These measures can include the use of secure methods to access Sumo Logic or providing secure user credentials to access other systems.
The company recommends applying these measures to the following, to safeguard sensitive information:
- Sumo Logic API access keys.
- Sumo Logic installed collector credentials.
- Third-party credentials that have been stored with Sumo for data collection by the hosted collector.
- User passwords to Sumo Logic accounts.
The investigation into this incident is ongoing, and customers are directly notified if evidence of malicious access to their Sumo Logic accounts is found.