Recently, we learned of a breach of CircleCI. They strongly suggest that all their customers:

Immediately rotate any and all secrets stored in CircleCI.
Review internal logs for their systems for unauthorized access from December 21, 2022, through January 4, 2023, or the date you rotated the secrets in CircleCI.

The CircleCI team also invalidated all Project API tokens and informed users that they would need to be replaced.

Leave a Reply

Your email address will not be published. Required fields are marked *