Image: Bermix Studio (unsplash)
The software bug-tracking company, Rollbar, revealed a security incident that occurred after unidentified individuals infiltrated their systems during early August, obtaining customer access tokens.
This breach came to light on September 6, when Rollbar observed anomalies in their data warehouse logs. These logs illustrated that a service account had been utilized to sign into their cloud-based bug tracking platform.
Upon penetrating the Rollbar infrastructure, these individuals scrutinized the firm’s data for cloud credentials and Bitcoin wallet details. Rollbar promptly took measures to deactivate the service account and commenced an in-depth analysis of the intruder’s actions within their system. Initially, the individual or group made attempts to initiate compute resources. However, due to restricted permissions, they then navigated to the data warehouse, executing searches that indicated a focus on Bitcoin wallets and cloud credentials.
Through a subsequent examination, Rollbar determined that this unauthorized access lasted for a span of three days, from August 9 to August 11, 2023. Throughout this duration, the intruders retrieved crucial customer details, such as usernames, email addresses, account designations, and project-related information, including environment identifiers and service link configurations.
A key concern was the theft of customer project access tokens, which facilitate interactions with Rollbar projects. Rollbar has taken precautions to ensure that these tokens, which permit access to project data with both reading and writing capabilities, are now invalidated. Meanwhile, tokens that grant the ability to forward data to active projects are set to be invalidated within the forthcoming 30 days.
While Rollbar continues its rigorous investigation, the company has prioritized customer data protection, communicating the nature of the incident and the responsive measures they’ve employed. Furthermore, they have enlisted the expertise of an external forensic consultant to corroborate these findings, and this process remains underway.
The firm, renowned for its error logging and tracking utilities, boasts a user base comprising over 400 million application end users and a clientele that includes numerous global entities such as Salesforce, Twilio, Uber, Twitch, and Pizza Hut. In the previous year, Rollbar has proudly assisted a multitude of customers, processing a staggering 40 billion errors.