Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access to the company’s internal systems.
Earlier this month, CircleCi disclosed that they suffered a security incident and warned customers to rotate their tokens and secrets.
data thIn a new security incident report on the attack, CircleCi says they first learned of the unauthorized access to their systems after a customer reported that their GitHub OAuth token had been compromised.
Read more…
Source: Bleeping Computer