US-based enterprise software firm JumpCloud is notifying several customers about an ongoing incident that has prompted the company to invalidate existing admin API keys as a precautionary measure.
The cloud-based directory-as-a-service platform, which serves over 180,000 organizations worldwide, has asked affected customers, particularly administrators using their API key or dependent integrations, to generate new API keys and update their integrations.JumpCloud aims to protect its customers’ organizations and operations while investigating the nature and scope of the incident.
Furthermore, JumpCloud customers received email notifications informing them that their existing admin API keys had been invalidated. The company emphasized that this action was taken to safeguard customer organizations and operations, apologizing for any disruptions caused.
Admins who are currently using their API key or integrations reliant on a JumpCloud admin API key were advised to generate new keys and update their integrations accordingly.
Various services and integrations, including AD Import, HRIS integrations, JumpCloud Powershell Module, and more, will be affected by the invalidated API keys, as stated in the security notice.
At the same time, earlier this year, JumpCloud was already investigating potential impact to its customers following the January security incident involving CircleCI. The company’s prompt response and precautionary measures reflect its commitment to ensuring customer security and the protection of their operations.
