LogicMonitor customers hit by data breach following poor password policy
Default passwords were weak and LogicMonitor customers got hurt
A number of clients of LogicMonitor, the cloud-based infrastructure monitoring platform, suffered a data breach, with the finger of blame pointed at the company.
Speaking to TechCrunch, one of the victims (under the condition of full anonymity) noted that their organization was breached because the passwords LogicMonitor assigned them during the initial setup were weak and had never been changed.
“When you set up an account with [LogicMonitor], they define a default password and all user accounts for your organization/account are made with that password,” the source said. “They also didn’t require the changes, nor were they temporary passwords, until this week. Now the setup password lasts 30 days and must be changed on first login.”
Temporary passwords
LogicMonitor confirmed the incident, with the company’s spokesperson claiming a handful of clients fell victim:
“We are currently addressing a security incident that has affected a small number of our customers. We are in direct communication and working closely with those customers to take appropriate measures to mitigate impact,” said LogicMonitor’s spokesperson, Jesica Church.
The customers told the press that LogicMonitor reached out to notify them of the incident, and to warn them that the breach could result in a ransomware attack. No additional details were available at the moment, so we don’t know who the threat actor behind the attack is, or what their motives are.
According to figures from the LATKA SaaS database, LogicMonitor has had $61.2 million in revenue this year, with an employee base of more than 1,100 people. Its website says that it monitors “800 billion metrics” a day, across three million devices, and that it has more than 100,000 software users in 30 countries around the world.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.