JumpCloud Says Nation-State Hackers Hit Specific Customers

Uploaded on 2023-07-31 in FREE TO VIEW

US-based enterprise software firm JumpCloud says it was cyber hack attacked by advanced nation-state actors, which has been attributed to North Korean hackers.

The hackers breached company systems in search of specific customer data. The attack kicked off on June 22 with a spear-phishing campaign that provided the attackers with access to JumpCloud’s infrastructure.

The company discovered the incident on June 27, one week after the attackers breached its systems via a spear-phishing attack.

“We have also been working with our Incident Response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated,” says Bob Phan at JumpCloud.

The company reset customer API keys on July 5 to combat the nation-state-sponsored threat actors and notified the small group of customers impacted by the breach.

An internal investigation revealed the attackers injected data into the company’s commands framework. The attack vector has since been secured.

JumpCloud stated that the strongest defense against sophisticated adversaries is through collaborative information sharing.

JumpCloud provides single sign-on, multi-factor authentication, and other cloud and device security solutions to more than 180,000 organisations.

The company notified law enforcement and released a list of indicators of compromise to aid other organisations.

“We will continue to enhance our own security measures to protect our customers from future threats and will work closely with our government and industry partners to share information related to this threat,” Phan said.

"These are sophisticated and persistent adversaries with advanced capabilities," Phan said. JumpCloud has not published the name and the origins of the group allegedly responsible for the incident.

Oodaloop:     Security Week:     Reversing Labs:     Bleeping Computer:     Jumpcloud:     Tech Crunch:     The Hacker News:     Oodaloop:     Security Week

 

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Shell Confirms Supply Chain Attack
US Intel Leaders “It’s time to be Data Serious” »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

UL Solutions

UL Solutions

UL Solutions is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

Global Station for Big Data & Cybersecurity (GSB)

Global Station for Big Data & Cybersecurity (GSB)

GSB is an interdisciplinary research hub to cover big data, information networks, and cybersecurity.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

Morphus Information Security

Morphus Information Security

Morphus is an information security company providing Red Team, Blue Team and GRC services as well as conducting research in cybersecurity and threat analysis.

National Cybersecurity Preparedness Consortium (NCPC) - USA

National Cybersecurity Preparedness Consortium (NCPC) - USA

The mission of the NCPC is to provide research-based, cybersecurity-related training, exercises and technical assistance to local jurisdictions, counties, states and the private sector.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

apiiro

apiiro

apiiro invented the industry-first Code Risk Platform™ that uses developers and code behavior analysis to accelerate delivery and automatically remediate product risk.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Cybergroot

Cybergroot

Cybergroot provides Cybersecurity Assessment services and professional Information Security trainings.

CryptoDATA

CryptoDATA

CryptoDATA develops products and services based on Blockchain technology, that ensure user security and data encryption, applicable in various fields.

WinMagic

WinMagic

At WinMagic, we’re dedicated to making authentication and encryption solutions that protect data without causing user friction so that everyone can work freely and securely.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.