CircleCI Discloses A Security Incident, Urges Customers to Rotate Secrets

Category: Data Breach | Industry: Technology | Level: Strategic | Source: CircleCI

CircleCI, a popular CI/CD platform, has disclosed a security incident notifying customers in an email and company blog to rotate their secrets and review internal logs of any suspicious activity between December 21st, 2022 to January 4th, 2023. In addition, customers who have implemented Project API tokens with CircleCI are encouraged to deactivate and replace them. Rob Zuber, CircleCI's chief technology officer asserts the warning and requested actions are precautionary, as from their current analysis of the incident they "are confident that there are no unauthorized actors active in our systems."

‍