BrowserStack takes service offline as it deals with hacked infrastructure
Cross-platform web app testing platform falls victim to hackers
A web service that enables developers to test the rendering of websites on different browser platforms has fallen victim to hackers.
Browserstack confirmed its infrastructure had been compromised in a tweet yesterday evening, and said it was "currently sanitising entire BrowserStack, so service will be down for a while. We're on top of it and will keep you posted," according to a short statement.
JotForm founder, Aytekin Tank, noticed the problem. In a post on Medium, he said that he had received an email purporting to be from BrowserStack claiming the service was closing down.
The email claimed the firm had "no firewalls in place, and our password policies are atrocious. All virtual machines launched are open to the public, accessible to anyone with the alpha password."
It wasn't until earlier this morning that BrowserStack took to Twitter once more and said the hacker's access "was restricted solely to a list of email addresses".
The firm said it would carry out a post-mortem in the wake of the attack to prevent the same thing happening again. "Currently efforts are focused on getting the service back on track, and protecting user interests," the firm said in another tweet.
The service itself uses virtual machines to enable devlopers to test their apps on 11 different operating systems and over 700 versions of various browsers.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Tank said the problem would be a good opportunity for BrowserStack to "take security more seriously, and improve things permanently".
"They should fully and publicly admit any mistakes they have made and tell users what steps they will take to improve things, and they should then follow it through. Things might suck at the beginning but the end result would eventually be a win for both BrowserStack and their users," said Tank.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.