Some customers of LogicMonitor, the cloud-based infrastructure monitoring platform, have suffered a data breach, with the accusing finger pointed at the company.
Speaking to TechCrunchone of the victims (on condition of complete anonymity), noted that his organization was compromised because the passwords assigned to them by LogicMonitor during the initial setup were weak and have never been changed.
“When you create an account with [LogicMonitor]define a default password and all user accounts for your organization/account are created with that password,” the source said. “They also didn’t request changes, nor were they temporary passwords, until this week. configuration lasts 30 days and must be changed on first login.”
LogicMonitor confirmed the incident, with the company spokesperson saying a handful of customers were killed:
“We are currently dealing with a security incident affecting a small number of our customers. We are in direct communication and working closely with these customers to take appropriate steps to mitigate the impact,” said LogicMonitor spokeswoman Jesica Church.
Customers have told the press that LogicMonitor contacted them to inform them of the incident and to warn them that the breach could lead to a ransomware attack. No further details are available at this time, so we don’t know who the threat actor behind the attack is or what their motives are.
According to data from the LATKA SaaS database, LogicMonitor reported $61.2 million in revenue this year, with an employee base of more than 1,100 people. Its website claims it monitors “800 billion metrics” a day, across three million devices, and has more than 100,000 software users in 30 countries around the world.