Credential theft
Sumo Logic AWS Access Key Compromise
Incident Details
On November 3, 2023, Sumo Logic, a cloud-native security analytics and log management platform, discovered that a compromised AWS access key had been used to gain unauthorized access to their AWS environment. Sumo Logic immediately rotated the compromised credentials, locked down API access, and began an investigation. The company notified customers on November 7 and recommended they rotate their Sumo Logic API access keys and third-party credentials stored in Sumo Logic as a precaution. The attacker did not appear to exfiltrate customer data, but the incident highlighted the risk of long-lived AWS access keys and the importance of timely credential rotation.
Technical Details
- Initial Attack Vector: A threat actor used a compromised AWS access key credential belonging to Sumo Logic to gain unauthorized access to Sumo Logic's AWS infrastructure
- Vendor / Product: Amazon Web Services (AWS)
Timeline
- 2023-11-03 Breach occurred
- 2023-11-07 Publicly disclosed
- 2023-11-07 Customers notified