 "Software company CircleCi confirms hackers stole data of some customers")
Software company CircleCi, whose products are popular with developers and software engineers, has confirmed that some customers' data were stolen in a data breach last month.
Although the employee's access was secured with two-factor authentication, the company said that the intruder gained access through a laptop that was infected with malware, reports TechCrunch.
This vulnerable system allowed the theft of session tokens, which were used to keep the employee logged in to specific applications.
The company accepted responsibility for the breach, labelling it a "systems failure" and added that its antivirus software failed to find the malware on the employee's laptop that was stealing tokens.
According to CircleCi, the theft of the session token allowed the hackers to use the employee's identity to access some of the company's production systems, which include customer data.
"Because the targeted employee had privileges to generate production access tokens as part of the employee's regular duties, the unauthorised third party was able to access and exfiltrate data from a subset of databases and stores, including customer environment variables, tokens and keys," said Rob Zuber, chief technology officer, CircleCi.
"We encourage customers who have yet to take action to do so in order to prevent unauthorised access to third-party systems and stores," Zuber added.
Moreover, he said that the hackers had access from December 16 through January 4.
Several customers have already informed the company of unauthorised access to their systems, Zuber added.
--IANS
aj/khz/
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve hit your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Quarterly Starter
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Access to Exclusive Premium Stories Online
Over 30 behind the paywall stories daily, handpicked by our editors for subscribers
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app