U.S. web tracking and analytics firm New Relic had its internal environment for hosting customer usage data and other logs impacted in a recent cyberattack, SecurityWeek reports.
Social engineering and stolen employee account credentials have been leveraged by attackers to infiltrate the internal environment, which enabled access to some customer accounts, according to New Relic, which emphasized that the intrusion did not result in any lateral movement and the compromise of credentials stored in the affected environment. "It appears the credentials were harvested in recent large-scale social engineering and credential compromise attacks, which may have put these New Relic user accounts at risk. In cases where we identify this suspected access, we are proactively reaching out to these customers," said New Relic. Such an attack has prompted New Relic to not only strengthen its network defenses but also urge its users to activate multi-factor authentication and track their accounts for suspicious activity.
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
While several countries have expressed concerns about the potential exploitation of the treaty to curtail human rights and strengthen extraterritorial surveillance, implementing the treaty with appropriate safeguards could prove beneficial in combating increasingly sophisticated cybersecurity threats.
More than 100 records shared by the hacker revealed the scraping of usernames, names, email addresses, biographies, follower and following counts, external URLs, and locations, as well as targeted usernames, user IDs and scrape IDs, account creation dates, and account categories.