Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.
The security breach was discovered by Rollbar on September 6 when reviewing data warehouse logs showing that a service account was used to log into the cloud-based bug monitoring platform.
“When we became aware of this access we disabled the service account and began analyzing what actions had been taken by the unauthorized party,” Rollbar said in a data breach notification letter shared by Have I Been Pwned creator Troy Hunt.
Customers’ project access tokens that enable them to interact with Rollbar projects were also retrieved during the incident.
The company says access tokens allowing access to Rollbar project data have been expired, while those allowing to send data to an active project will expire in 30 days.
Paramount discloses data breach following security incident.