HQ/EMEAFind out how we can help your business
The software bug-tracking company called Rollbar has recently become the subject of a cybercriminal campaign. Companies, such as Twilio, Salesforce, and Uber, employ the services of this company, which makes this incident more concerning.
Reports claimed that the attack occurred in August; however, the company only identified the breach earlier this month after their routine review of data warehouse logs. Rollbar’s security team discovered that the attackers acquired unauthorised access to their customer access tokens.
Rollbar immediately deployed a response plant to evaluate the breach upon discovering the attack. The initial investigation revealed that the attackers used a service account to log into their cloud-based bug-monitoring platform.
Additionally, the threat actors remained in the system after a successful breach for three days. During their stay, they scanned Rollbar’s methods for details, including cloud credentials and Bitcoin wallets.
The confirmed customer information accessed by the threat actors are usernames, email addresses, account names, and project details such as environment names and service link configurations.
The threat actors acquired Rollbar tokens, which could harm the company and its users.
Unfortunately, the most critical data that the actors acquired are project access tokens. These tokens provide interactions with the Rollbar project that could grant its user read and write access.
On the other hand, the company claimed that they immediately addressed the situation about the stolen tokens by rendering them null and void. The affected entity has rolled out breach notification letters to its customers to warn them about the stolen data.
They have already employed a third-party security investigator to aid them with analysing the attack. Rollbar also revealed that they contacted relevant law enforcement agencies about the hack.
This newly discovered cybercriminal campaign against one of the most prominent bug-tracking companies could pose a significant threat since over 400 million application end users and thousands of globally recognised companies rely on their error logging and tracking services.
This event is a wake-up call for the tech industries as threat actors continue to overcome defences and exploit vulnerabilities that could allow them to initiate their malicious campaigns. Therefore, affected users should be vigilant about unwanted communications as threat actors will likely use the stolen information to create more commotion.
