CircleCI temporarily shuts doors amid MongoHQ hack

Summary:CircleCI has had to take action similar to Buffer after also being affected by the compromise at MongoHQ.

With MongoHQ earlier this week admitting that it had been breached and its customer databases compromised, CircleCI is the latest company to step forward and reveal that it was one of those that was affected in turn.

On Tuesday, the company, which helps web developers deploy their code online, pulled its services offline after realising that MongoHQ had been breached. The previous day, it had noticed that one of its Amazon Web Services Identity and Access Management keys had been deleted, sparking the company into action.

Shortly after MongoHQ announced that it had been the victim of an attack, it notified CircleCI that its customer database was one of the few that had been accessed.

"To contain any potential risk, we determined that the best course of action was to shut down the CircleCI website and stop all builds. We also determined that it would be best to revoke all API tokens and SSH keys that we had access to, and work with upstream vendors to similarly protect users from possible exposure," CircleCI wrote in its incident response post.

In a similar fashion to what happened with Buffer , it began revoking all customer OAuth tokens associated with Heroku and GitHub, as these could no longer be trusted, as well as all SSH keys that were known.

CircleCI customers are not required to renew their OAuth tokens and replace their SSH keys, where affected. The company also advises customers to validate that their applications and code are unaltered, stating that it is possible that git repositories may have been written to and that Heroku environment variables and databases could have potentially been modified by an attacker.

Topics: Security


A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.