Rollbar is a company specializing in software bug tracking.

When did the data breach at Rollbar occur?

The data breach at Rollbar occurred in early August.

When was the security breach discovered?

The security breach was discovered on September 6, during a review of logs.

What actions did Rollbar take upon discovering the breach?

Rollbar disabled the service account used for unauthorized access, conducted an analysis of the unauthorized party's actions, and initiated an investigation.

What did the threat actors search for within Rollbar's systems?

The threat actors searched for cloud credentials and Bitcoin wallets.

How long did the attackers have access to Rollbar's systems?

The attackers had access to Rollbar's systems for three days, from August 9 to August 11, 2023.

What customer information was accessed during the breach?

During the breach, sensitive customer information including usernames, email addresses, account names, and project details was accessed.

What measures did Rollbar take to address the breach?

Rollbar has expired project access tokens and is expiring access tokens for data transmission to active projects within 30 days.

Incident

Bug tracking platform Rollbar reports data breach

Q: What information did the attackers gain access to?

The attackers gained access to customer access tokens, potentially compromising sensitive information.

published: Sept. 13, 2023

Learn More

Rollbar, a company specializing in software bug tracking, has disclosed a significant data breach that occurred when unidentified attackers successfully breached their systems in early August. Malicious actors managed to gain access to customer access tokens, potentially compromising sensitive information.

Rollbar's error logging and tracking services are widely utilized by more than 400 million application end users and numerous companies globally, including prominent names such as Salesforce, Twilio, Uber, Twitch, and Pizza Hut. In the previous year, Rollbar reported assisting over 5,000 customers and 23,000 paid users in processing a staggering 40 billion errors.

The discovery of this security breach was made by Rollbar on September 6, as they were reviewing logs. These logs indicated that a service account had been utilized to log into the cloud-based bug monitoring platform, alerting Rollbar to the unauthorized access.

Once inside Rollbar's systems, the threat actors conducted searches within the company's data, with a particular interest in cloud credentials and Bitcoin wallets. Rollbar reported, "When we became aware of this access, we disabled the service account and began analyzing what actions had been taken by the unauthorized party. The party first tried to launch compute resources, and after that failed for lack of permission, they accessed the data warehouse and ran searches that suggested they were interested in Bitcoin wallets or other cloud credentials."

Rollbar's subsequent investigation revealed that these attackers had maintained access to their systems for a span of three days, occurring between August 9 and August 11, 2023. During this time, they were able to access sensitive customer information, including

usernames,
email addresses,
account names,
project details such as environment names and service link configurations.

The number of impacted customers and the method of compromising the service account are not disclosed.

One of the most concerning aspects of this breach is the theft of customers' project access tokens, which are essential for interacting with Rollbar projects. Rollbar has taken steps to mitigate this by expiring access tokens that provide read and write scope immediately and access tokens allowing data transmission to active projects will expire within 30 days.

Bug tracking platform Rollbar reports data breach

Read More
Data Breach at Cock.li email provider exposes over …
Everest ransomware gang's leak site hacked and defaced
Taiwan's Systex Corporation reports ransomware attack
Hacker offer to sell SMS OTP messages of …
Gaming developer Arc System Works reports hack, data …