CirclCI Data Breach Exposed Customer GitHub And Bitbucket Logins

According to this link, https://www.scmagazineuk.com/circlci-data-breach-exposed-customer-github-bitbucket-logins/article/1595997, CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts.

  • The information compromised included usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings
  • Additionally, organisation name, repository URLs and names, branch names, and repository owners may have been accessed
  • The breach affected customers who accessed the CircleCI platform starting June 30, 2019

Experts Comments

September 10, 2019
Saryu Nayyar
CEO
Gurucul
Third party vendors are a type of insider threat that some organisations never consider. Supply chains, partner networks and contractors are important elements of growing a business. But as third-party access becomes more prolific, it becomes increasingly difficult to control which vendors have access to sensitive information. In a poll we contacted at Black Hat USA 2019, 76% of IT security professionals said they have tightened up their third party defences. Securing third party access is one .....Read More
Third party vendors are a type of insider threat that some organisations never consider. Supply chains, partner networks and contractors are important elements of growing a business. But as third-party access becomes more prolific, it becomes increasingly difficult to control which vendors have access to sensitive information. In a poll we contacted at Black Hat USA 2019, 76% of IT security professionals said they have tightened up their third party defences. Securing third party access is one of the best ways to protect against intentional or accidental data breaches so it’s great to see that so many organisations are taking the issue seriously.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.