The first incident affected CircleCI. The CircleCI experienced a data leak incident last month. As a result, some clients’ data was stolen.
According to the CircleCI official representative, intruders had access to the system from 16th of December to 4th of January. They managed to compromise one employee’s laptop with the help of malware. Thus intruders managed to obtain session tokens.
This technique is dangerous and efficient as it enables malicious actors to impersonate themselves as employees and gain access to clients’ data.
The second incident also happened in December. Last month Norton Password Manager accounts were stolen. In that case intruders implemented credential stuffing technique. What’s more, according to the official statement, compromise of the account on other platforms turned out to be the prerequisite of the incident. One of the most probable prerequisite for the incident considered was that malicious actors bought credentials published on some illicit forums in the darknet. The stolen data included: names and surnames, telephone numbers and email addresses.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!