Datadog breached, tells users to reset login credentials

The company has called in an outside firm to investigate the incident.
The company has called in an outside firm to investigate the incident.

Cloud service data aggregator Datadog was hit with a data breach late last week and has sent a letter to its customers warning them to change their login credentials.

The company said in a letter to customers that it detected unauthorized activity on a few production infrastructure servers, including one used to store user credentials. Datadog also reported that one customer discovered an attacker attempted to use its credentials that were storied with Datadog to log into their Amazon Web Services account.

“Passwords are stored using bcrypt with a unique salt, but out of caution we have invalidated all stored Datadog passwords,” Datadog's CSO Andrew Bechere said in the letter, adding Google Auth and SAML users aren't affected by the issue.

Datadog has called in a third-party vendor to investigate the incident.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS