JumpCloud, a directory, identity, and access management company, announced it was attacked by advanced nation-state actors. The hackers breached company systems in search of specific customer data. The attack kicked off on June 22 with a spear-phishing campaign that provided the attackers with access to JumpCloud’s infrastructure.
The company reset customer API keys on July 5 to combat the nation-state-sponsored threat actors and notified the small group of customers impacted by the breach. An internal investigation revealed the attackers injected data into the company’s commands framework. The attack vector has since been secured. JumpCloud stated that the strongest defense against sophisticated adversaries is through collaborative information sharing. The company notified law enforcement and released a list of indicators of compromise to aid other organizations.
Read More: