Turn any signal into insight and action. See how PagerDuty Digital Operations Management Platform integrates machine data and human intelligence to improve visibility and agility across organizations.
Connect insights to real-time action by aligning teams through the shared language of business impact.
Check out the latest products we’ve been working on—including event intelligence, machine learning, response automation, on-call, analytics, operations health management, integrations, and more.
Digital Operations Management arms organizations with the insights needed to turn data into opportunity across every operational use case, from DevOps, ITOps, Security, Support, and beyond.
Over 300 Integrations
Discover DevOps best practices with our library of webinars, whitepapers, reports, and much more.
Learn best practices and get support help with resources from our award-winning support team.
See how PagerDuty works with our live product demo — twice a week, every week.
Join live and on-demand webinars for product deep dives, industry trends, configuration training, and use case-specific best practices.
Interactive, simple-to-use API and technical documentation enables users to easily try updates and extend PagerDuty.
Engage with users and PagerDuty experts from our global community of 200k+ users. Become a member, connect, and share insights for success.
Get all your PagerDuty-related questions answered by exploring our in-depth support documentation and community forums.
We just held our annual conference, PagerDuty Summit 2018, where we shared new product announcements and demoed new capabilities. But while we always have big...
PagerDuty helps organizations transform their digital operations. Learn more about PagerDuty's mission and what we do.
Meet our experienced and passionate executive team.
We are risk-taking innovators dedicated to delivering amazing products and delighting customers. Join us and do the best work of your career.
With the PagerDuty Foundation, we are committed to doing our part in giving back to the community.
Our customers and community are very important to us, and to maintain the transparency that is essential to keeping your trust, we wanted to tell you about a recent event.
On July 9, PagerDuty detected an unauthorized intrusion by an attacker who gained access to some information about our customers. Within a few hours of the intrusion, our team was able to shut down the attack, and we immediately took steps to mitigate the issue, including enhancing our monitoring and detection capabilities, and further hardening our environment.
We have found no evidence that corporate, technical, financial, or sensitive end user information, including phone numbers, was exposed by this incident. As you know, we do not collect customers’ social security numbers and we do not store or have access to customer credit card numbers. This incident also had no impact on our ability to provide services to our customers.
We engaged a leading cyber security forensics firm to investigate the attack, and validate that the measures we took to address this issue – and our security practices more generally – meet the high standards to which we hold ourselves. We also notified law enforcement and are cooperating fully with their investigation into this matter.
Based on the investigation, the attacker bypassed multiple layers of authentication and gained unauthorized access to an administrative panel provided by one of our infrastructure providers. With this access, they were able to log into a replica of one of PagerDuty’s databases. The evidence indicates that the attacker gained access to users’ names, email addresses, hashed passwords and public calendar feed URLs.
Passwords are hashed1 with a salt and pepper, and we have no evidence that the attacker was able to access the pepper, which makes it computationally infeasible that the hashed passwords can be used in any way by the attacker. The calendar feed URLs provide users with a read-only calendar of when they are on-call.
While we are confident in the strength of the protections used to secure users’ passwords, as a precaution we are asking our users to set new strong passwords at this time. Users that do not reset their password by Monday, August 3rd at 12:00pm Pacific Time will be automatically logged out of the website and will receive an email prompting them to reset their password. At no time will alert delivery be affected by this process.
We also recommend that customers reset calendar feed URLs and revoke and re-add access to any mobile devices linked to their PagerDuty account.
We realize that an attacker might use the names and email addresses exposed during this incident to target customers with phishing attacks, so we urge you to be vigilant in protecting your identity online. PagerDuty will never ask for your password or other sensitive information via email.
I have been personally involved in our response every step of the way. We value your trust and confidence in our company and we strive to meet the high standards we set for ourselves. I take this event as an opportunity to review and enhance our security, and remain committed to strong internal security practices and processes.
We apologize for this incident. If you have questions, you can contact us directly at firstname.lastname@example.org.
1. We use robust hashing techniques to protect passwords. If you have logged into your account since January 1, 2015, your password is hashed with Bcrypt with a work factor of 10, using a per-user randomly generated salt and a site-wide pepper. Older passwords are hashed with SHA-1 stretched over multiple rounds and using the same salt and pepper approach. We have no evidence that the attacker was able to access the pepper. Both our salts and pepper are 40 characters in length and are randomly generated.
PagerDuty Launches a New Set of Integrations for Jira IT Operations, DevOps, and Developer teams count on PagerDuty’s 300+ integrations to power their end-to-end real-time...
600 Townsend St., #200
San Francisco, CA 94103
905 King Street West, Suite 600
Toronto, ON, M6K 3G9, Canada
1416 NW 46th St., St. 301
Seattle, WA 98107
5 Martin Place
1 Fore St,
London EC2Y 9DT
© 2009 - 2018