datadogCloud metrics firm Datadog has revoked all stored passwords and notified customers via email that a database containing the passwords may have been breached. One user also reported unsuccessful attempts to use Amazon Web Services credentials shared with Datadog.

“We have detected unauthorized activity associated with a handful of production infrastructure servers,” Chief Security Officer Andrew Becherer wrote in a blog post. “We strongly recommend that you immediately revoke or rotate any credentials in use in your Datadog account.”

All Datadog customers with stored passwords were advised to revoke or rotate their stored credentials. Users of Google Authorize and Security Assertion Markup Language weren’t affected, Datadog said.

“We’re still piecing together the attack and have brought in third-party incident response and forensics experts,” Becherer wrote in the July 8 blog post. “We expect forensics to continue well into next week. A postmortem and longer-term plans will follow.” He encouraged AWS customers to use Identify and Access Management (IAM) role delegation, which he called a “stronger method of AWS integration that prevents the sharing of security credentials, such as access keys, between accounts.”

Datadog, based in New York City, offers Software as a Service that runs on AWS, Azure and Google Cloud Platform.

Update: Reddit comments from Datadog users so far have made no mention of anyone actually being affected by the breach attempts.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.