A number of clients of LogicMonitor, the cloud-based infrastructure monitoring platform, suffered a data breach, with the finger of blame pointed at the company.
Speaking to TechCrunch on condition of full anonymity, one of the victims said their organization was breached because the passwords LogicMonitor assigned them during the initial setup were weak and had never been changed.
“When you set up an account with [LogicMonitor], they define a default password and all user accounts for your organization/account are made with that password,” the source said. “They also didn’t require the changes, nor were they temporary passwords, until this week. Now the setup password lasts 30 days and must be changed on first login.”
LogicMonitor confirmed the incident, with the company’s spokesperson claiming a handful of clients fell victim:
“We are currently addressing a security incident that has affected a small number of our customers. We are in direct communication and working closely with those customers to take appropriate measures to mitigate impact,” said LogicMonitor’s spokesperson, Jesica Church.
The customers told the press that LogicMonitor reached out to notify them of the incident, and to warn them that the breach could result in a ransomware attack. No additional details were available at the moment, so we don’t know who the threat actor behind the attack is, or what their motives are.
According to figures from the LATKA SaaS database, LogicMonitor has had $61.2 million in revenue this year, with an employee base of more than 1,100 people. Its website says that it monitors “800 billion metrics” a day, across three million devices, and that it has more than 100,000 software users in 30 countries around the world.