JumpCloud Says Nation-State Hackers Hit Specific Customers

Uploaded on 2023-07-31 in FREE TO VIEW

US-based enterprise software firm JumpCloud says it was cyber hack attacked by advanced nation-state actors, which has been attributed to North Korean hackers.

The hackers breached company systems in search of specific customer data. The attack kicked off on June 22 with a spear-phishing campaign that provided the attackers with access to JumpCloud’s infrastructure.

The company discovered the incident on June 27, one week after the attackers breached its systems via a spear-phishing attack.

“We have also been working with our Incident Response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated,” says Bob Phan at JumpCloud.

The company reset customer API keys on July 5 to combat the nation-state-sponsored threat actors and notified the small group of customers impacted by the breach.

An internal investigation revealed the attackers injected data into the company’s commands framework. The attack vector has since been secured.

JumpCloud stated that the strongest defense against sophisticated adversaries is through collaborative information sharing.

JumpCloud provides single sign-on, multi-factor authentication, and other cloud and device security solutions to more than 180,000 organisations.

The company notified law enforcement and released a list of indicators of compromise to aid other organisations.

“We will continue to enhance our own security measures to protect our customers from future threats and will work closely with our government and industry partners to share information related to this threat,” Phan said.

"These are sophisticated and persistent adversaries with advanced capabilities," Phan said. JumpCloud has not published the name and the origins of the group allegedly responsible for the incident.

Oodaloop:     Security Week:     Reversing Labs:     Bleeping Computer:     Jumpcloud:     Tech Crunch:     The Hacker News:     Oodaloop:     Security Week

 

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Shell Confirms Supply Chain Attack
US Intel Leaders “It’s time to be Data Serious” »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

Marsh

Marsh

Marsh is a global leader in insurance broking and risk management and has been a leader in combatting cyber threats since their emergence.

BooleBox

BooleBox

Boolebox is the innovative suite of enterprise data protection applications that preserve the integrity and confidentiality of data from any unauthorized access.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

FDD Center on Cyber and Technology Innovation (CCTI)

FDD Center on Cyber and Technology Innovation (CCTI)

The Foundation for Defense of Democracies is a nonprofit research institute focusing on foreign policy and national security. Ares of focus include cyber security and technology innovation.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

Troye Computer Systems

Troye Computer Systems

Troye provide a complete range of digital workspace solutions that empower people to do their very best work in a safe and secure manner anywhere, anytime, using any device.

Xact IT Solutions

Xact IT Solutions

Xact IT Solutions are a certified cybersecurity firm offering cybersecurity, compliance and managed services.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

Algoritha

Algoritha

Algoritha is a pioneering entity in the realm of security and forensic services.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.

National Cybersecurity Agency (ANCI) - Chile

National Cybersecurity Agency (ANCI) - Chile

ANCI (Agencia Nacional de Ciberseguridad) is the National Cybersecurity Agency of Chile.

Common Good Cyber

Common Good Cyber

Common Good Cyber is an initiative to strengthen global cybersecurity by supporting organisations that deliver core cybersecurity services that protect the Internet as a whole.