PagerDuty hacked ... and finally comes clean 21 days later. Cheers Why not celebrate SysAdmin Day by worrying about a data breach at incident management peddler PagerDuty? An attacker managed to get into the company's systems on 9 July, and a belated 21 days later the company did the decent thing and informed its customers about the incident. 'Fessing up to the breach on its website, …
That it didn't happen sooner. PagerDuty is a great big bullseye.
I mean, they've got access to the pager messages of all manner of businesses. Whether collected in transit or after the fact, some of that stuff surely has to be very valuable to somebody somewhere for gaining entry or espionage. I can't imagine that many sites will have thought about obscuring sensitive information in pager messages, just in case PagerDuty were busted.
Not to mention that many organisations may have been using PagerDuty to alert ops staff to security-related events that might require a time critical response. Probably useful to be able to turn that off or generate chaff alerts if you're doing a targeted attack ... sort of like disabling the phone line for the burgler alarm. If you can escalate this into a PagerDuty wide attack (test admin accounts that may be present in the production system, anyone?) it becomes more like an attack on the telephone exchange...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
