"CircleCI Warns Customers to Rotate 'Any and All Secrets' After Hack"

Following a breach of CircleCI's servers, the company has recommended customers rotate their secrets. CircleCI is a San Francisco-based DevOps company whose development solutions are popular among software developers. According to a statement made by the company, the incident is being investigated, and customers should rotate "any and all secrets" saved in CircleCI, including those stored in project environment variables or contexts. Passwords or private keys are used as secrets to connect and authenticate servers. In addition, CircleCI stated that for projects using Application Programming Interface (API) tokens, these tokens have been invalidated, and users must replace them. This article continues to discuss CircleCI warning customers to rotate all secrets after a hacking incident. 

TechCrunch reports "CircleCI Warns Customers to Rotate 'Any and All Secrets' After Hack"