PagerDuty apparently got attacked < some data leaked

Shinji here. A long email showed up, so I skimmed it; looks like PagerDuty was attacked. It's nothing major, so I'm posting it as-is.

This is the email that came in

Dear Customer,

On July 9, 2015, our engineering team detected a security incident whereby an attacker gained unauthorized access to our users’ names, email addresses, public calendar feed URLs, and hashed, salted and peppered passwords. We realize the sensitivity around this type of event, and will work with our customers to address any concerns they may have.

Within hours of the start of the intrusion, we were able to detect and remove the attacker, and shut down the attack. We also notified law enforcement and retained a leading cyber security forensics firm to help with our investigation and remediation. Based on the investigation, we have found no evidence that corporate, technical, financial, or sensitive end user information, including phone numbers, was exposed by this incident. We protect our customers’ passwords by hashing them with a salt and pepper. We have found no evidence that the attacker gained access to the pepper.

We consider the security of our customers’ information paramount, and have taken several steps to further harden our systems. While we are confident in the strength of the protections used to secure users’ passwords, as a precaution we are asking our users to set new strong passwords at this time. Users that do not reset their password by Monday, August 3rd at 12:00pm Pacific Time will be automatically logged out of the website and will receive an email prompting them to reset their password. At no time will alert delivery be affected by this process.

We also recommend that customers reset calendar feed URLs and revoke and re-add access to any mobile devices linked to their PagerDuty account.

We realize that an attacker might use email to conduct a phishing attack, so we urge you to be vigilant in protecting your identity online. PagerDuty will never ask for your password or other sensitive information via email.

I have been personally involved in our response every step of the way. We value your trust and confidence in our company and we strive to meet the high standards we set for ourselves. I take this event as an opportunity to review and enhance our security, and remain committed to strong internal security practices and processes.

We apologize for this incident. If you have questions, we have published a blog post with more details or you can contact us directly at support@pagerduty.com.

Thank you for being a loyal member of the PagerDuty community.

Andrew Miklas
Co-founder and CTO
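The email hinges on the difference between a salt (stored per user, next to the hash, so it leaked with the table) and a pepper (a single site-wide secret kept outside the database, which the attacker apparently did not get). The following is an added illustration of that scheme and is not PagerDuty's code; the notice does not disclose their algorithm, so the HMAC-then-PBKDF2 construction, the iteration count, the pepper value and the wordlist below are all assumptions made for the example. It shows why a leaked (salt, hash) row is useless for offline guessing without the pepper, and why the same row falls to a wordlist once the pepper is known.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed parameters for this example; PagerDuty's real iteration count and
# key lengths are not public.
PBKDF2_ITERATIONS = 100_000
SALT_BYTES = 16


def hash_password(password: str, pepper: bytes,
                  salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest).

    The per-user salt is stored in the database beside the digest; the
    site-wide pepper is kept elsewhere (config store, KMS, HSM) and never
    written to the users table.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    # The pepper is used as an HMAC key over the password first, so an
    # attacker holding only the database row cannot form a valid guess.
    peppered = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    # The salted, slow hash then goes over the peppered value.
    digest = hashlib.pbkdf2_hmac("sha256", peppered, salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, pepper: bytes,
                    salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, pepper, salt)
    return hmac.compare_digest(candidate, digest)


def offline_crack(wordlist, salt: bytes, digest: bytes,
                  pepper_guess: bytes) -> Optional[str]:
    """What an attacker holding a leaked (salt, digest) row can do: try each
    candidate password under whatever pepper they believe is in use.
    Returns the recovered password, or None if nothing matched."""
    for word in wordlist:
        if verify_password(word, pepper_guess, salt, digest):
            return word
    return None


# Constructed sample data for the example; not real PagerDuty values.
SERVER_PEPPER = b"site-wide-secret-kept-outside-the-db"
WORDLIST = ["password", "letmein", "pagerduty2015", "hunter2"]


def demo() -> Tuple[Optional[str], Optional[str]]:
    """Returns (result without the pepper, result with the pepper)."""
    salt, digest = hash_password("pagerduty2015", SERVER_PEPPER)
    # Attacker has the database row but no pepper: every guess fails,
    # even though the real password is in the wordlist.
    without_pepper = offline_crack(WORDLIST, salt, digest, b"")
    # Had the pepper leaked as well, the weak password would be recovered.
    with_pepper = offline_crack(WORDLIST, salt, digest, SERVER_PEPPER)
    return without_pepper, with_pepper


if __name__ == "__main__":
    print(demo())
```

The take-away matches the email's reasoning: the strength of the "we found no evidence the attacker gained access to the pepper" statement is what makes the leaked hashes low-value, which is also why the forced reset is described as a precaution rather than an emergency. If a pepper is ever exposed, every stored hash is immediately as weak as its password, so a pepper needs the same handling as any other production secret.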

"On July 9, 2015"? Today is the 31st. Isn't that announcement way too late?

Maybe they were gathering information. Even so, it's far too slow.

Anyway, passwords will apparently be reset on 8/3

We use SSO, but will we still get a reset email? (Or would getting one actually be the suspicious part?) What am I supposed to do?

Details are apparently on their blog

Important Security Announcement From PagerDuty
https://www.pagerduty.com/blog/july-2015-security-announcement/

The attacker appears to have obtained users' names and email addresses.

So the point is "watch out for spoofed emails", I guess.

What a company needs to guarantee its security = ensuring transparency of information

I think they should just keep disclosing as much as they can.