Secure your small business:
Apps → Data →

Rollbar discloses data breach after hackers stole access tokens

September, 2023
Quick definition  ⓘ
Why it matters: This incident emphasizes the persistent threat of data breaches and the critical importance of safeguarding customer data and access tokens in the tech industry.
22Billion
Number of data records exposed by cybersecurity breaches in 2021.https://www.riskbasedsecurity.com/2022/02/04/data-breach-report-2021-year-end/

Key Points

  • Software bug tracking company Rollbar experienced a data breach in early August
  • Unidentified attackers infiltrated its systems gaining access to customer data
  • Project access tokens were also affected
© Amirul Syaidi | Dreamstime.com

Quick Read

Rollbar, a prominent software bug-tracking company, recently disclosed a data breach that transpired after unknown attackers breached the company's systems in early August. The breach, discovered on September 6, saw the attackers gaining access to valuable customer access tokens. Rollbar provides error logging and tracking services used by over 400 million application end users and thousands of companies worldwide, including tech giants like Salesforce, Twilio, Uber, and Twitch.

The breach came to light when Rollbar conducted a review of its data warehouse logs, revealing that a service account had been used to log into the cloud-based bug monitoring platform. Once inside the company's systems, the threat actors scoured Rollbar's data for cloud credentials and Bitcoin wallets. The breach exposed sensitive customer data, including usernames, email addresses, account names, and project information such as environment names and service link configurations. Most notably, the attackers managed to obtain customers' project access tokens, which enable interaction with Rollbar projects.

Rollbar responded swiftly to the breach, disabling the compromised service account and commencing an analysis of the unauthorized actions taken by the attackers. The company noted that the threat actors first attempted to launch compute resources, which failed due to permission issues. Subsequently, they accessed the data warehouse and conducted searches indicating a particular interest in Bitcoin wallets or other cloud credentials.

The attackers had access to Rollbar's systems for a three-day period, between August 9 and August 11, 2023. In response to the breach, the company took immediate action, expiring access tokens that allowed access to Rollbar project data (with read and write capabilities). Tokens that enabled data submission to an active project will expire in 30 days.

Rollbar, recognizing the gravity of the situation, emphasized its commitment to customer data security and notified customers promptly. The company is actively investigating the breach and has engaged a third-party forensic consultant to verify its findings.

Rollbar's services are widely used across the tech industry, providing critical error logging and tracking solutions for a multitude of applications. The breach serves as a stark reminder of the ongoing threat of cyberattacks and the importance of safeguarding sensitive customer data and access tokens in the technology sector.

In 2022, Rollbar reported its assistance to over 5,000 customers and 23,000 paid users in processing more than 40 billion errors. This breach underscores the pressing need for vigilance and robust security measures, especially in companies providing integral services to the tech industry and beyond. Data breaches can have far-reaching consequences, including potential exposure of sensitive data, financial losses, and damage to a company's reputation, highlighting the critical importance of data security and protection.

Further Reading

—Jess Hofmann

Need Data Breach solutions?
We can help!

Plurilock offers a full line of industry-leading cybersecurity, technology, and services solutions for business and government.

Talk to us today.

 

Thanks for reaching out! A Plurilock representative will contact you shortly.

What Plurilock Offers
SSO, CASB, and DLP with Real-Time Passive Authentication

More to Know

Quick Definition

A Data Breach is a situation in which information security has failed, enabling sensitive data of any kind to be accessed by unauthorized individuals despite whatever protections were in place. Data breaches have become a particular concern in recent years because such stolen data is often subsequently distributed widely, in particular on the dark web, where it is often aggregated and sold for illicit activity, identity theft, or further cyberattacks of various kinds.

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.