Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Every (Data)dog Has its Day

By: on 3 Comments

Bienvenido, Datadog! You have truly made it to the big leagues, as you join a growing list of reputable companies that have suffered an apparent data breach/security incident. Many people view this as a dreaded moment, one that should always be avoided. However, it’s almost as though nowadays it’s a rite of passage for a company to be hacked at some point in its lifespan. Call them growing pains, if you will.

Datadog is a software-as-a-service (SaaS) company that helps monitor and collect analytics for customers, which include the likes of Facebook, Spotify, Salesforce and Citrix.

As with any data breach, Datadog is recommending users change their credentials immediately—a common practice among down-on-their-luck dogs. This recommendation applies only to stored passwords; however, those enlightened few who use Google Auth or SAML should be OK. The notice also directs admin users to revoke or change credentials stored in the Datadog system to prevent fur-ther security breaches and unauthorized access.

Obviously, data breaches should be avoided at all costs, and can be seen as a hit to a company’s bottom line. But Datadog stands on solid ground here following the attack. Its ruff-and-tuff password storage method, bcrypt, which uses a unique salt, is one of the strongest ways to keep credentials and slow decryption efforts, according to Datadog Chief Security Officer Andrew Bechere.

Fur-tunately for Datadog, at least right now, its security procedures and bcrypt system have prevented what could have been a major disaster. The company has informed its customers that the “known” attack vectors used by the hackers have been patched.

It is my utmost opinion that we throw Datadog a bone here as we continue to see hacks and breaches become commonplace among tech companies. Not only has it become quite common, but Datadog cur-tailed the damage of the breach by implanting bcrypt security encryption.

Oh, you’re a stickler for your information remaining private? I hate to break it to you, but it’s the internet. Nothing is sacred and private once it goes online. However, you can take measures and increase security to make it extremely difficult and lengthy for hackers to obtain information. Still not good enough for you? Let’s just take a look at other companies that have suffered hacks.

Sony suf-fur-ed a tremendous hack last year that listed executive emails and personal information including addresses and salaries. Home Depot suffered a hack in September 2014 that compromised 53 million email addresses. And let’s not forget about the JP Morgan hack affecting 83 million customers, the eBay hack that compromised 145 million active users (including login credentials and physical addresses) and the 2013 hack of Target, which exposed personal and financial information of 110 million customers.

So enough pup-arazzi for Datadog, don’t terrier yourself up about it. Every once in a while a company suf-fur-s a data breach. What can I say? The puggle is real out here.

I’m sorry for all the puns. In related news, Datadog issued a press release, which you can find here.