Sumo Logic confirms no customer data compromise in potential breach

The Register reports that an investigation by U.S. cloud data analytics and log analysis firm Sumo Logic into a potential security breach earlier this month revealed no impact on its customer data. Identification of suspicious network activity involving unauthorized Amazon Web Service account access on Nov. 3 has prompted Sumo Logic to immediately ensure infrastructure protections and automate credential rotation among possibly affected customers. All other customers have also been urged to rotate their Sumo Logic API access keys. Meanwhile, cybersecurity experts have lauded Sumo Logic's immediate response and continuous updates regarding the incident. "No breach is good news but look at how quickly and cleanly the response from their security team was orchestrated. It seems like customer-side data wasn't impacted but the suggestion to rotate keys is always a good one in these cases. In fact, a good step would be to invalidate/revoke all the API Keys they think could be impacted," said Cequence Security Hacker in Residence Jason Kent.