Web monitoring and analytics company New Relic has disclosed a two-front attack, nine days after sending out a loosely worded warning about a potential cyber security breach.The firm said that a “unauthorized actor used stolen credentials and social engineering in connection with a New Relic employee account” resulted in the compromise of its staging systems in mid-November.
According to the vendor’s caution, the intruder “was able to view certain data pertaining to our customers’ use of New Relic.““There is no indication of lateral movement from our staging environment to any customers’ New Relic accounts in the separate production environment or to New Relic’s production infrastructure,” the statement states.