Article 6D1VS JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state

JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state

by
Dan Goodin
from Ars Technica - All content on (#6D1VS)
breached-block-wall-800x534.jpg

Enlarge

JumpCloud, a cloud-based IT management service that lists Cars.com, GoFundMe, and Foursquare among its 5,000 paying customers, experienced a security breach carried out by hackers working for a nation-state, the company said last week.

The attack began on June 22 as a spear-phishing campaign, the company revealed last Wednesday. As part of that incident, JumpCloud said, the sophisticated nation-state sponsored threat actor" gained access to an unspecified part of the JumpCloud internal network. Although investigators at the time found no evidence any customers were affected, the company said it rotated account credentials, rebuilt its systems, and took other defensive measures.

On July 5, investigators discovered the breach involved unusual activity in the commands framework for a small set of customers." In response, the company's security team performed a forced-rotation of all admin API keys and notified affected customers.

Read 5 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments