JumpCloud resets admin API keys amid ‘ongoing incident’
JumpCloud, a US-based enterprise software firm is notifying several customers of an “ongoing incident.”
As a caution, the company has invalidated existing admin API keys to protect its customer organizations. Affected organizations will need to generate new keys.
Headquartered in Louisville, Colorado, and launched in 2013, the cloud-based directory-as-a-service platform serves over 180,000 organizations across more than 160 countries.
JumpCloud invalidates API keys
This morning, BleepingComputer received a tip off from an anonymous reader alerting us to a potential security incident at JumpCloud.
The reader in question is among JumpCloud customers who received an email today from the firm stating that existing admin API keys had been invalidated while JumpCloud investigates an “ongoing incident.”
“Out of an abundance of caution relating to an ongoing incident, JumpCloud has invalidated your existing API keys. We have done this to protect your organization and operations.” reads the email notification, aimed at JumpCloud Admins.
“We apologize for any disruption this causes you and your organization, but the action was taken on your behalf as the most prudent course of action.”
The cloud-based security service has asked affected customers, specifically Admins who are “currently using their API key or an integration that relies on a JumpCloud admin API key” to generate a new API key(s) and update integrations with the new API keys.
“Once an Admin’s API Key is invalidated, that API key associated to that Admin will no longer work. This will impact any of the following,” states a security notice.
- AD Import
- HRIS integrations
- JumpCloud Powershell Module
- Jumpcloud-Slack-App
- Directory Insights Serverless App
- ADMU
- 3rd party MDM Zero-touch packages
- Command Triggers
- Okta SCIM integration
- Azure AD SCIM integration
- Integrations built to create/update users and/or devices using 3rd party tools like Workato, Aquera, Tray,io, etc.
- Automations and custom applications, and any other use cases that involve an Administrators JumpCloud API key.
Earlier this year, JumpCloud was investigating potential impact to its customers as a result of January’s CircleCI security incident.
BleepingComputer has contacted JumpCloud with questions related to the nature of the incident, its scope, and the overall impact. We are awaiting additional details.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
