JumpCloud Security Incident - company Resets customer's API Keys

published: July 7, 2023

Take action: If you are using JumpCloud start calling your customer representative and ask for details on further mitigation measures. It may be necessary to also reset API keys elsewhere if you have integrated JumpCloud with the rest of your infrastructure.

Learn More

JumpCloud, a provider of cloud-based identity and access management solutions, is currently suffering from an ongoing security incident.

Specific details, cause and the scale of the incident are currently unknown, and JumpCloud is actively addressing the situation.

In an effort to mitigate the impact of the incident, JumpCloud has responded agressively by resetting their client's API keys to protect their data.

JumpCloud has informed affected clients about the critical nature of the API key reset, emphasizing its commitment to safeguarding their operations and organizations.

This API key reset will, disrupt a significant number of functionalities - essentially all integrations - like AD import, HRIS integrations, JumpCloud PowerShell modules, JumpCloud Slack apps, Directory Insights Serverless apps, ADMU, third-party zero-touch MDM packages, Command Triggers, Okta SCIM integration, Azure AD SCIM integration, Workato, Aquera, Tray, and more.

Despite the potential disruptions, JumpCloud believes that the API key reset is necessary for the overall security of its clients. The company offers assistance and support to clients who need help with resetting or re-establishing their API keys, providing a detailed guide and an interactive simulation.

Update - JumpCloud revealed that the attack is probably conducted by hackers believed to be working for a nation-state. The breach began on June 22 through a spear-phishing campaign, allowing the threat actor to gain unauthorized access to a specific part of JumpCloud's internal network. The breach was highly targeted and limited to specific customers whose names were not disclosed.

JumpCloud's cloud-based Active Directory services are widely used by over 180,000 organizations globally, with numerous software vendors and cloud service providers integrating their systems with JumpCloud's identity, access, and device management services.

JumpCloud Security Incident - company Resets customer's API Keys