Subj : JumpCloud reset API keys following security incident To : All From : TechnologyDaily Date : Mon Jul 17 2023 15:30:03 JumpCloud reset API keys following security incident Date: Mon, 17 Jul 2023 14:15:04 +0000 Description: Security incident targeting a select handful of users has repercussions for all JumpCloud customers. FULL STORY ====================================================================== JumpCloud has confirmed it reset customer API keys following a security incident earlier in July 2023, leaving customers who missed the advisory notice with disrupted services. In a blog post , company CISO Bob Phan explained: The security threats that we face, as an industry, are unprecedented and require strong collaboration from all constituents. Details of the security incident remain sparse, but Phan disclosed that unauthorized access by a sophisticated nation-state-sponsored threat actor saw a small and specific set of cloud storage customers targeted, who were notified prior to the public blog post. JumpCloud security incident In response to the attack, JumpCloud says that it has been working with both incident response partners and law enforcement in order to prevent such future attacks, claiming that the attack vector used by the threat actor has been mitigated. Read more > These are the best cloud backup services > Cloud remains the biggest target for cyberattacks > Cyberattacks are rising across the world - here's what you need to know The API key reset on July 5 followed unusual activity in the commands framework on the same day. Phan said that the spear-phishing campaign could be traced back to June 22. Despite expressing a commitment to providing transparent and timely information, some have expressed their concern over the incident. Nick Rago, Field CTO at Salt Security, a company whose mission it is to make APIs attack-proof, said that the incident must have been pretty significant for JumpCloud to have taken the action it did across its whole customer base. Rago continued: there doesn't seem to be much transparency at this time into what the security incident was or how long API keys might have been potentially exposed, or how they are remedying this type of incident from happening again. Salt Securitys Field CTO suggests that enterprise users should look to lock down API access to their account from a whitelist of locations in order to limit attack risk. JumpClouds Phan promised that the company would continue to enhance its security measures to prevent future attacks, collaborating with industry partners and governments. Boost your cybersecurity with the best firewalls and best endpoint protection tools ====================================================================== Link to news story: https://www.techradar.com/pro/jumpcloud-reset-api-keys-following-security-inci dent --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .