A software company CircleCi has acknowledged that a data breach that occurred last month resulted in the theft of such customers’ personal information.
After an engineer contracted data-stealing malware that took use of CircleCi’s 2FA-backed SSO session cookies to get access to the company’s internal systems, hackers broke into the company in December. CircleCi reminded consumers to change their credentials and passwords earlier this month after disclosing a security breach.
The company accepted responsibility for the breach and criticized a system failure, noting that its antivirus program missed the token-stealing malware on the employee’s laptop. Using session tokens, users can maintain their login status without constantly typing their password or re-authorizing using two-factor authentication. However, without the account holder’s password or two-factor code, an attacker can access the same resources as them by using a stolen session token. As a result, it may be challenging to distinguish between a session token belonging to the account owner and one stolen by a hacker.
According to CircleCi, the theft of the session token enabled the hackers to assume the identity of the employee and obtain access to a few of the business systems, which store client data.CircleCi states they rotated all customer-related tokens, including Project API Tok
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: