CircleCI data breach exposed customer GitHub and Bitbucket logins

News by Doug Olenick

CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts

The software integration firm CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts.

The company said in a statement that it was informed of the breach on 31 August, but that the incident affected customers who accessed the CircleCI platform starting June 30, 2019. The information compromised included usernames and email addresses associated with GitHub and Bitbucket, as well as IP addresses and user agent strings. Additionally, organisation names, repository URLs and names, branch names, and repository owners may have been accessed.

Other information in CircleCI’s possession was not involved.

"No CircleCI user secrets, build artifacts, build logs, source code, or any other production data was accessed or exfiltrated during this incident. No data used for authentication with CircleCI, such as auth tokens and password hashes, was accessed, nor was any credit card or financial information."

Once informed by the third-party vendor that the account had been breached, CircleCI’s team disabled the account and removed the unauthorised user account within 15 minutes.

To prevent a similar event from happening in the future, CircleCI is reviewing its policies for enforcing 2FA sign-on for third-party accounts and transitioning to single sign-on (SSO) for all of its integrations.

This article was originally published on SC Media US.
