CircleCI says hackers stole encryption keys and customers’ secrets

Pixelman

Level 4
Thread author
Verified
Well-known
Jun 7, 2022
151
CircleCi, a software company whose products are popular with developers and software engineers, confirmed that some customers’ data was stolen in a data breach last month.

The company said in a detailed blog post on Friday that it identified the intruder’s initial point of access as an employee’s laptop that was compromised with malware, allowing the theft of session tokens used to keep the employee logged in to certain applications, even though their access was protected with two-factor authentication.

The company took the blame for the compromise, calling it a “systems failure,” adding that its antivirus software failed to detect the token-stealing malware on the employee’s laptop.

 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
834
adding that its antivirus software failed to detect the token-stealing malware on the employee’s laptop.
If they can intercept session tokens (cookies? YubiKey or hardware token? or 2FA codes or what?) they have the skill to avoid AV.

Sounds like a target OP by a nation state, or someone advanced.
 
  • Like
Reactions: Stopspying

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top