CircleCi, a software company that is popular with software engineers and developers, has confirmed that some customer information has been stolen. data breachLast month.
Company he said in a detailed blog postFriday identified the intruder as an employee’s laptop, which had been compromised by malware. This allowed the theft session tokens, which were used to log into certain apps. Two-factor authentication was not protected.
The company claimed responsibility for the compromise, calling it “systems failure” and adding that its antivirus software failed detect code-stealing malware on an employee’s laptop.
Session tokens let the user log in without the need to re-enter the password, or reauthorize using two-factor authentication each and every time. The stolen session token gives the hacker the same access as the account owner without the need to enter the password and bytecode. It can be difficult for the user to distinguish the session token from the hacker who stole it.
CircleCi stated that the theft of the session token allowed cybercriminals access to company production systems that store customer data.
Rob Zuber stated that the target employee had permissions to create production tokens as part his normal duties. This allowed the unauthorized third-party to access and pull data from a limited number of databases and stores, including client environments variables tokens and keys. The chief technology officer of the company. Zuber claimed that hackers had access to the company’s data from December 16 through January 4.
Zuber stated that although customers’ data was encrypted by Zuber, cybercriminals were able to obtain encryption keys capable of decrypting customer information. Zuber stated that customers should take action if they have not done so yet to prevent unauthorized access by third party systems or stores.
Zuber said that CircleCi already received reports from customers about unauthorised access to their systems.
The autopsy is performed days after the communion Warn clients to take turns on “any and all secrets”Its platform stores customers’ source code and other sensitive details to protect against hackers accessing them.
CircleCi employees who have access to production systems “added additional authentication and controls,” Zuber stated. This should prevent a recurrence, Zuber said. using hardware security keys.
The initial access point — the theft of the token on an employee’s laptop — bears some resemblance to how the password-management giant LastPass was hacked, which also included an intruder targeting the employee’s device, though it’s unknown if the two incidents are related. LastPass confirmed that the incident occurred in December. Encrypted password lockers for clientsThe data was stolen in an earlier breach. LastPass claimed that the hackers were condescending at the beginning Employee device and account accessThey may compromise LastPass’ internal environment for developers.
Source link
[Denial of responsibility! reporterbyte.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – reporterbyte.com The content will be deleted within 24 hours.]