Hackers Stole CircleCi Databases Using an Engineer's Stolen Privileges

Thousands of Norton LifeLock customers compromised, 24 Hours of Le Mans Virtual interrupted by security threat, $2.5 million recovered from Harmony breach, NFT God's wallet drained, much more

Check out my latest CSO column, which focuses on port crane cybersecurity and the upcoming study of the issue mandated by the NDAA bill passed in December.

Hackers breached the continuous integration and continuous delivery platform CircleCi in December after an engineer became infected with information-stealing malware that stole a valid, 2FA-backed SSO session cookie, allowing access to the company's internal systems.

After it disclosed a security incident earlier this month, CircleCi says in a new incident report on the attack they first learned of the unauthorized access to their systems after a customer reported that their GitHub OAuth token had been compromised. This compromise led to CircleCi automatically rotating the GitHub OAuth tokens for its customers.

Using the engineer's privileges, CircleCi says the hacker began stealing data on December 22nd …