Hackers are increasingly getting brazen each day, setting their eyes on larger and larger targets.
The latest high-profile data breach victim is one of the biggest tech companies that provides metrics for giants like Airbnb, Netflix, Spotify, Facebook, PBS, The New York Times, and Samsung and it could potentially have catastrophic consequences.
Datadog, the software-as-a-service (SaaS) provider with large cloud system integrations such as Amazon Web Services, sent precautionary emails to their users last week requesting for password resets and revocation of credentials.
This was due to a breach detected on a few of their production servers, including one with a database of user credentials. At least one user also reported that there were repeated attempts to use Amazon Web Services credentials integrated with Datadog.
Thankfully, Datadog is prepared for such intrusions. To secure their user credentials, they encrypt all their passwords with bcrypt and a unique salt, which will give the hackers quite a lengthy and difficult time to crack. As a proactive measure, their password reset invalidated current stored passwords anyway so attempts to use the stolen credentials will be unsuccessful.
The company states that local agents running on user servers are not affected by the breach because local credentials are not stored in Datadog's servers. Furthermore, Google Auth and SAML users are not affected either.
Despite the breach, Datadog says their systems are operational and all known vulnerabilities have been patched. All the known compromised servers were rebuilt, as well.
They are currently investigating the attack with the help of third-party forensic investigators for future prevention and post-mortem reporting.
With this news, it looks like Datadog and their clients averted a large scale breach with proper credential security and a prompt response.
Although we can now heave a collective sigh of relief for Datadog and its partners, this incident demonstrates how even large company systems can be compromised in a blink of an eye. Without proper security precautions and protection, hackers may have successfully compromised thousands of user accounts.
More so for regular users such as you and me.
With new threats emerging every day, protection and security against hacks, malware and viruses is critical.