Customer Trust Portal

1. Have you been impacted by the Polyfill supply chain attack? Yes, we detected one link to Polyfill CDN in a non-critical third party application.
2. If Yes, have you had any successful exploits? None have been reported or detected.
3. If Yes, have you mitigated the vulnerability (please describe in detail)? Yes, remediation of our sole reference to the Polyfill CDN was completed the night of June 26th.

Our systems were unaffected by the recent Hubspot Security Incident. We are not Hubspot customers and do not use Hubspot within our Marketing stack. However, we do support Hubspot as an integration. Customers of Hubspot are encouraged to reach out to Hubspot directly to determine if they are affected by the Hubspot Security Incident.

What controls do you have in place in regard to Service Accounts?
Amplitude utilizes password logins for our service accounts which are randomly generated with high entropy. We also apply a network policy that only allows logins from Amplitude's environment via IP address

Who can access Snowflake data? What controls do you have in place to manage access?
Amplitude tightly controls access to Snowflake, mainly to Engineers and employees who work on the Snowflake products for our customers. Amplitude enforces MFA through our IDP for all dev accounts

What auditing capabilities do you have of Snowflake data?
Snowflake provides Amplitude with query history for monitoring and auditing capabilities

We are aware of reports regarding a recent Snowflake security incident involving potentially unauthorized access to accounts whose credentials were “available from historical infostealer infections” (source).

Snowflake has not indicated to Amplitude that we are impacted by the incident. However, we have been proactively in touch with Snowflake to ensure we apply Snowflake's recommended best security practices and properly monitor our systems.

Our IT and Security teams have conducted a thorough assessment and found no impact on Amplitude's systems to date. We have checked our security configurations to ensure that any continued attempts at unauthorized access will be unsuccessful: Our Snowflake logins, where applicable, use MFA through our identity provider (IdP) For our service accounts, have a network policy that only allows login access from known Amplitude IP addresses

We will continue to monitor the situation and provide updates as necessary.

Our systems were unaffected by the recent Okta Security Incident. We take your trust seriously and remain dedicated to ensuring the security of your data and online activities.

A thorough assessment was performed by our internal IT and security experts, and we can confirm that we were not impacted by the exposure of HTTP Archive (HAR) files and have not detected any anomalous activity within our environment.

In a recent update provided by Okta, we have determined that the emails of our IT personnel and company name were exposed in the breach. Prior to the incident, we had implemented many of the best practices recommended by Okta, including: Multi-Factor Authentication (MFA), Admin Session Timeout, and Phishing Awareness. We saw no evidence of these accounts being compromised but nevertheless took proactive preventative measures.

If you have questions or require more information about our security measures, please reach out. We appreciate your trust and look forward to continuing to serve you with care and dedication.

Best regards,

Amplitude Security

Subject: Re: HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487) - No Impact on Our Services

Dear Valued Customer,

I'm reaching out to confirm that our systems are unaffected by the HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487). We take your trust seriously and remain dedicated to ensuring the security of your data and online activities.

Our security experts continuously monitor developments, and after a thorough assessment, we can confirm that our infrastructure is not vulnerable to CVE-2023-44487. Security is paramount to us, and we invest in robust measures, update our systems, and follow best practices to mitigate risks.

If you have questions or require more information about our security measures, please reach out. We appreciate your trust and look forward to continuing to serve you with care and dedication.

Best regards,

Amplitude Trust and Security Team