Security News > 2023 > July > JumpCloud Blames 'Sophisticated Nation-State' Actor for Security Breach

A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor.

The adversary "Gained unauthorized access to our systems to target a small and specific set of our customers," Bob Phan, chief information security officer at JumpCloud, said in a post-mortem report.

"The attack vector used by the threat actor has been mitigated."

While JumpCloud said it took security steps to shield its network by rotating credentials and rebuilding its systems, it wasn't until July 5 when it detected "Unusual activity" in the commands framework for a small set of customers, prompting a forced-rotation of all admin API keys.

JumpCloud did not explain how the phishing attack it spotted in June is connected to the data injection.

Worried about insider threats? We've got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.

News URL

https://thehackernews.com/2023/07/jumpcloud-blames-sophisticated-nation.html