Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security

CircleCI Warns Customers To Rotate 'Any and All Secrets' After Hack (techcrunch.com) 8

CircleCI, a company whose development products are popular with software engineers, has urged users to rotate their secrets following a breach of the company's systems. From a report: The San Francisco-headquartered DevOps company said in an advisory published late Wednesday it is currently investigating the security incident -- its most recent in recent years. "We wanted to make you aware that we are currently investigating a security incident, and that our investigation is ongoing," CircleCI CTO Rob Zuber. "At this point, we are confident that there are no unauthorized actors active in our systems; however, out of an abundance of caution, we want to ensure that all customers take certain preventative measures to protect your data as well."

CircleCI, which claims its technology is used by more than a million software engineers, is advising users to rotate "any and all secrets" stored in CircleCI, including those stored in project environment variables or in contexts. Secrets are passwords or private keys that are used to connect and authenticate servers together. For projects using API tokens, CircleCI said it has invalidated these tokens and users will be required to replace them.

This discussion has been archived. No new comments can be posted.

CircleCI Warns Customers To Rotate 'Any and All Secrets' After Hack

Comments Filter:

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...