Cloud Security, Identity

Potential security breach hits Sumo Logic

U.S. cloud data analytics and log analysis firm Sumo Logic has confirmed discovering a potential security incident after its Amazon Web Services account was accessed using stolen credentials, reports TechCrunch. Aside from immediately taking down infrastructure exposed by the incident, Sumo Logic also conducted a rotation of likely exposed credentials in an effort to prevent further compromise. While there has been no evidence suggesting the compromise of Sumo Logic networks and systems, as well as customer data, organizations served by the company, which include Samsung, Okta, and 23andMe, have been urged to promptly rotate API access keys and replace user passwords, S3 credentials, and Sumo Logic-installed collector passwords, as well as Sumo-stored third-party credentials. "We are continuing to thoroughly investigate the origin and extent of this incident," said Sumo Logic, which emphasized that additional security measures have already been implemented to better protect its systems.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.