LogicMonitor Suffers Data Breach, Blamed for Weak Default Passwords

Multiple LogicMonitor clients experienced a data breach, with the blame directed at the company's weak default passwords assigned during initial setup.

Several clients of LogicMonitor, the cloud-based infrastructure monitoring platform, have fallen victim to a data breach attributed to the company’s practice of assigning weak default passwords during initial setup. A confidential source from one affected organization revealed that LogicMonitor’s default passwords were weak and remained unchanged, leaving users vulnerable to security incidents.

The source noted that when clients establish an account with LogicMonitor, the company assigns a default password that is used for all user accounts within the organization or account. Until recently, LogicMonitor did not require password changes, nor were these default passwords temporary. However, as of this week, LogicMonitor has instituted a new policy requiring that setup passwords be changed within 30 days and upon first login.

LogicMonitor’s spokesperson, Jesica Church, acknowledged the security incident, stating, “We are currently addressing a security incident that has affected a small number of our customers. We are in direct communication and working closely with those customers to take appropriate measures to mitigate impact.”

LogicMonitor promptly alerted affected customers about the breach and cautioned them about the potential for ransomware attacks. The identity of the threat actor responsible for the breach and their motives remain unknown at this time.

Based on data from the LATKA SaaS database, LogicMonitor reported $61.2 million in revenue this year and maintains a workforce of over 1,100 employees. The company’s website claims that it monitors a staggering “800 billion metrics” daily across three million devices and serves more than 100,000 software users in 30 countries worldwide.