At this stage, we believe your hosted credentials, that is, the credentials you provide Flood, to launch hosted grid infrastructure on third-party cloud providers may have been compromised.
Attackers may have been successful in taking a copy of your cloud-based credentials for AWS, Microsoft Azure, or Google Cloud.
At this stage, we have already rotated your Flood API tokens. We strongly advise that you rotate the secrets for your cloud credentials. Alternatively, you may wish to delete your credentials used for Flood. For specific help:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_RotateAccessKeyhttps://docs.microsoft.com/en-us/azure/role-based-access-control/overviewhttps://cloud.google.com/iam/docs/creating-managing-service-account-keys
We want to make sure you have the details of what has happened, as soon as we can complete an investigation and take steps to help protect you.