Rollbar might be good at tracking bugs, uninvited guests not so much

2023-09-14 15:00

Cloud-based bug tracking and monitoring platform Rollbar has warned users that attackers have rifled through their data.

According to the post, Rollbar noticed something amiss in its data warehouse query logs on September 6.

The initial attack vector was a cloud platform service account that only had access to the data warehouse.

Rollbar noted that the attackers first tried to fire up compute resources - commonly used by criminals to mine Bitcoin or launch other attacks - and when that failed due to a lack of permission, the attackers began hunting through the data warehouse.

As well as notifying users, Rollbar has also expired project access tokens with "Read" or "Write" scope - these could allow access to project data and will expire access tokens with "Post server item" scope in 30 days.

There was no indication of how attackers gained access to the cloud platform service account, only the actions taken when Rollbar became aware of the nefarious activity within its data warehouse.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/09/14/rollbar_breach/

#rollbar #tracking