5 January 2023

CircleCI discloses security breach, recommends users to rotate their CircleCI tokens


CircleCI discloses security breach, recommends users to rotate their CircleCI tokens

CircleCI, a company behind the eponymous continuous integration and continuous delivery(CI/CD) platform, is warning users that they should rotate all secrets stored in their CircleCI environments following a security breach.

In a short security advisory the CI/CD provider said it is currently investigating a security incident, without sharing any details regarding the nature of the breach, or when and how it occurred.

The company also recommends that users review internal logs for unauthorized access via CircleCI integrations that may have taken place between December 21, 2022 and January 4, 2023.

“At this point, we are confident that there are no unauthorized actors active in our systems; however, out of an abundance of caution, we want to ensure that all customers take certain preventative measures to protect your data as well,” the company said. “We will provide you updates about this incident, and our response, as they become available.”

In related news, business messaging app Slack disclosed a data breach where a threat actor got access to Slack’s private code repositories on GitHub using stolen employee tokens.

“On December 29, 2022, we were notified of suspicious activity on our GitHub account. Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on December 27. No downloaded repositories contained customer data, means to access customer data, or Slack’s primary codebase,” the company said.

Upon discovering the breach, the company invalidated the stolen tokens. Slack says that the intruder did not access other areas of its environment, including the production environment, and they did not access other Slack resources or customer data.

Back to the list

Latest Posts

Cyber security week in review: January 27, 2023

Cyber security week in review: January 27, 2023

The world in brief: the FBI dismantles the Hive ransomware operation, the League of Legend source code stolen in a hacker attack, and more.
27 January 2023
Hackers increasingly abusing RMM software for nefarious purposes

Hackers increasingly abusing RMM software for nefarious purposes

Hackers can use legitimate RMM software as a backdoor for persistence and/or command and control.
26 January 2023
GoTo says hackers stole encrypted backups, an encryption key

GoTo says hackers stole encrypted backups, an encryption key

The company said it found no evidence that other GoTo products or any of its production systems were affected.
25 January 2023