Rollbar, a provider of error logging and tracking services for software teams, Notifies Users of Security Incident
Rollbar, a provider of error logging and tracking services for software teams, has notified users of a security incident that occurred between August 9 and August 11, 2023.
In a security notice, Rollbar said that an unauthorized party gained access to a cloud platform service account that only had access to the company’s data warehouse. The unauthorized party then accessed the data warehouse and ran searches that suggested they were interested in Bitcoin wallets or other cloud credentials.
Rollbar said that the unauthorized party did not gain access to any customer data, but that the incident did expose some customer information, including usernames and user email addresses, account names, project and environment names, and project access tokens.
In response to the incident, Rollbar has expired all project access tokens with “read” or “write” scope. Tokens with “post_server_item” scope will be expired in 30 days.
Rollbar is also working with a third-party forensic consultant to investigate the incident.
“We hold the security of our customers’ data paramount,” said Brian Rue, Co-founder and CEO of Rollbar. “We are committed to providing our customers with the most secure and reliable platform possible.”
If you are a Rollbar user, you can find more information about the security incident on the Rollbar website.
Recommendations for Rollbar Users
If you are a Rollbar user, there are a few things you can do to protect yourself in light of this security incident:
- Change your Rollbar password.
- Review your project access tokens and revoke any tokens that you do not recognize.
- Be vigilant for any suspicious activity in your Rollbar account.
If you have any questions or concerns, you can contact Rollbar support.