At noon, we discovered unauthorized processes running on one of our data processing machines (specifically, a processing machine related to generating the weather maps on our homepage). These processes appear to be related to a cryptocurrency mining network and were stealing significant CPU time from this machine, but otherwise appear to have been benign. At the time of discovery, it appears that the processes had been running for approximately twelve hours.

Upon discovery, we immediately closed the security hole that allowed for the intrusion to occur, destroyed the hacked machine (replacing it with a clean copy), and did a full audit of the rest of our network. We found no evidence of any other machines being accessed, though the audit did turn up a couple other potential (though unlikely) vulnerabilities, which were also closed.

The machine in question had no sensitive information on it. (Indeed, at Dark Sky, we take privacy very seriously and so we store as little information as possible, and for as short a period of time as possible, and in as few places as possible.) We do not believe that any sensitive information of any kind was leaked.

We have instituted policy changes to help prevent this sort of oversight in the future, and will be taking steps to further reduce our attack surface.