Last month, Rubrik revealed that a breach compromised one of its servers hosting log files, prompting the company to rotate potentially leaked authentication keys.
The company confirmed to BleepingComputer that the breach was not a ransomware incident and that no threat actor contacted them.
Rubrik, a cybersecurity company specializing in data protection, backup, and recovery, operates in more than 22 global offices with over 3,000 employees. The company serves over 6,000 customers worldwide, including major corporations like AMD, Adobe, PepsiCo, Home Depot, Allstate, Sephora, GSK, Honda, Harvard University, and TrelliX.
In a security advisory published on February 2 and first reported by Kevin Beaumont, Rubrik stated that it detected unusual activity on a server hosting log files.
“The Rubrik Information Security Team recently discovered anomalous activity on a server that contained log files. We promptly took the server offline to mitigate the risk,” the security advisory explained.
Rubrik also noted that a third-party forensic investigation confirmed the incident was isolated to this single server. The company found no evidence of unauthorized access to customer data or internal code.
However, since a small number of log files contained access information, Rubrik proactively rotated authentication keys as a precaution.
The company emphasized that it found no signs of misuse related to this information.
Moreover, Rubrik’s investigation has not uncovered any evidence that threat actors accessed customer data or internal source code.
Previously, in 2023, Rubrik suffered a data breach when attackers stole company data during the widespread Fortra GoAnywhere data theft attacks carried out by the Clop ransomware gang.
Source: BleepingComputer, Lawrence Abrams
