One and half months after the breach, LogicGate confirms attackers stole its customer data.
A risk and compliance startup sent an email to customers informing them that on February 23 an unauthorized third party obtained credentials to the company’s AWS storage and accessed customer backup files for its risk management platform Risk Cloud.
Risk Cloud is LogicGate’s flagship product that helps companies to identify and manage risks and compliance and offers data protection and security standards. Risk Cloud is advertised as a solution that can help find security vulnerabilities before they are exploited in the wild.
Well, this time the security company couldn’t protect itself from cyberattackers.
Using the stolen credentials attackers an unauthorized third party seems to have managed to decrypt data files stored in the company’s AWS S3 buckets in the LogicGate Risk Cloud backup environment, the email said.
“Only data uploaded to your Risk Cloud environment on or prior to February 23, 2021, would have been included in that backup file,” LogicGate added.
The companies said it did not identify “decrypt events” associated with customers’ attachments stored in the Risk Cloud.
LogicGate did not say how the AWS credentials were stolen but said it is working on finding out the root cause of the incident. It didn’t say how many customers had been affected and if the company had alerted U.S. state authorities, nor would it say whether the attackers managed to exfiltrate the decrypted customer data from its servers.
“We believe it’s best to communicate developments directly to our customers,” LogicGate chief executive Matt Kunkel said to TechCrunch.
LogicGate’s clients include Capco, SoFi, and Blue Cross Blue Shield of Kansas City. In December last year, LogicGate secured $8.75 million in funding, which netted it total of over $40 million since its launch in 2015.
