Mintlify, a documentation startup, admitted that dozens of customers had their GitHub tokens exposed during a data breach last March 1.
The company explained that the incident was caused by its vulnerable system, causing 91 of its customers to be affected.
Mintlify Compromises Customers' Github After Attack
In a blog post, Mintlify detailed the data breach incident which was only noticed after the company received emails regarding the security of their endpoints. After checking the logs, the company discovered unusual requests to its servers from an unrecognized device.
According to the incident report, some of the requests targeted the sensitive API endpoints of the platform and some were successful, hinting that the hackers were able to access private admin tokens.
"We received confirmation that GitHub tokens stored within our databases were used to access a customer's repository. While we do not have evidence of any other such instances, we cannot confirm that no other such instances occurred," the company wrote.
Mintlify Strengthens Security, Revokes GitHub Access
The company quickly revoked all the GitHub token access and assured the customers that they had implemented security measures to all the APIs to prevent the same incident. The company also partnered with third-party cybersecurity vendors to help with the investigation.
Meanwhile, the 91 compromised users have been notified and are currently working with GitHub to identify whether the tokens have been used to access private repositories.
Users are also instructed to immediately report any issue or vulnerability. The customers must provide a summary report including screenshots, details like OS, browsers, and device details.
The company also assured that reward efforts will be given depending on the severity of the vulnerability. Financial compensation is guaranteed for a vulnerability that scores 4 or higher in CVSS.
Related Article : 23andMe Allegedly Shifts Blame to Victims of Massive Data Breach