Cloud service data aggregator Datadog was hit with a data breach late last week and has sent a letter to its customers warning them to change their login credentials.
The company said in a letter to customers that it detected unauthorized activity on a few production infrastructure servers, including one used to store user credentials. Datadog also reported that one customer discovered an attacker attempted to use its credentials that were storied with Datadog to log into their Amazon Web Services account.
“Passwords are stored using bcrypt with a unique salt, but out of caution we have invalidated all stored Datadog passwords,” Datadog’s CSO Andrew Bechere said in the letter, adding Google Auth and SAML users aren’t affected by the issue.
Datadog has called in a third-party vendor to investigate the incident.