CircleCI

The software development service CircleCI suffered a data security incident after which it urged users to rotate their secrets.

CircleCI has invalidated API tokens for projects using API tokens, and asked the users to replace them.

The breach compromised data such as usernames, passwords, email addresses, IP addresses, organizations, repositories, URLs, and others associated with the users’ GitHub and Bitbucket accounts.

Source: https://heimdalsecurity.com/blog/attention-developers-circleci-security-breach-heres-what-you-need-to-know/

"id": "CIR2325123",
"linkid": "circleci",
"type": "Data Leak",
"date": "12/2022",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"