Let’s start with a story: Have you heard the news about CircleCI’s breach? No, not the one where they accidentally leaked some customer credentials a few years back. This time, it’s a bit more serious.
It seems that some unauthorized individuals were able to gain access to CircleCI’s systems, compromising the secrets stored in CircleCI. CircleCI advised users to rotate “any and all secrets” stored in CircleCI, including those stored in project environment variables or contexts.