HQ/EMEAFind out how we can help your business
Rubrik disclosed that an unwanted incident had compromised one of its log file servers last month. This activity has prompted the firm to rotate the exposed authentication keys to avoid potential exploits from malicious actors looking to exploit the leak.
Moreover, the company confirmed to one of its inquiries that the hack was not ransomware and that the threat actor had not communicated with it.
This affected company is a cybersecurity firm focusing on data protection, backup, and recovery. It is also the home to over 3,000 workers spread over 22 global offices.
Some of this firm’s most notable clients include AMD, Adobe, Pepsico, Home Depot, Allstate, Sephora, GSK, Honda, Harvard University, and TrelliX. As of now, it has more than 6,000 customers globally.
Rubrik explained last month that it identified unusual behaviour on one of its servers that holds its log files.
According to reports, Rubrik claims to have identified strange behaviour on a server holding its log files. This detail is part of the firm’s security advisory published on February 2.
Specifically, the report stated that Rubrik’s Information Security Team recently noticed suspicious activity on a server containing log data. Identifying such activity has prompted the firm to take down its server to mitigate the risk and stop the activity from reaching various places in the company’s network.
On the other hand, an examination conducted by the firm’s third-party forensic partner confirmed that the event was limited to this single server, and it allegedly discovered no evidence of unauthorised access to any information.
However, Rubrik claims that a few log files contained access information, prompting the company to rotate authentication keys out of caution.
This event is not the first time the company has experienced unwanted behaviour that forced it to take precautionary measures. Rubrik previously experienced a data breach in 2023, when its data was stolen as part of the Clop ransomware gang’s massive Fortra GoAnywhere data theft campaign.
