Public Cloud Security Breaches: Documenting their mistakes so you don't make them.

Sumo Logic 2023

Incident Details

Victimized Company: Sumo Logic
Incident Dates: 2023-11-03 to ongoing
Disclosure Date: 2023-11-07
Current Status:

Sumo Logic notified customers of an incident and recommended customers rotate credentials in their platform.

Incident

According to the announcement posted on the Sumo Logic Security Response Center:

On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account. We have not at this time discovered any impacts to our networks or systems, and customer data has been and remains encrypted.

Details of the Incident

Sumo Logic has not provided any further details.

Attribution / Perpetrator

None at this time.

Long-term Impact

Sumo Logic notified customers and recommended they rotate all credentials stored in their platform. In a subsequent update on 8 November, they revised the scope to only Third-party credentials that have been stored with Sumo as part of webhook connection configuration.

Summary of Coverage

Cloud Security Lessons Learned

Sumo Logic disclosed only that the incident resulted from “a compromised credential to access a Sumo Logic AWS account”, so we do not know whether it was a long-term Access Key or some form of compromise of short-term credentials.