Products
▸
The first incident affected CircleCI. The CircleCI experienced a data leak incident last month. As a result, some clients’ data was stolen.
According to the CircleCI official representative, intruders had access to the system from 16th of December to 4th of January. They managed to compromise one employee’s laptop with the help of malware. Thus intruders managed to obtain session tokens.
This technique is dangerous and efficient as it enables malicious actors to impersonate themselves as employees and gain access to clients’ data.
The second incident also happened in December. Last month Norton Password Manager accounts were stolen. In that case intruders implemented credential stuffing technique. What’s more, according to the official statement, compromise of the account on other platforms turned out to be the prerequisite of the incident. One of the most probable prerequisite for the incident considered was that malicious actors bought credentials published on some illicit forums in the darknet. The stolen data included: names and surnames, telephone numbers and email addresses.