The software integration firm CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts. The company said in a statement it was informed of the breach on 31 August, but affected customers who accessed the CircleCI platform starting June 30, 2019. The information compromised included usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings. Additionally, organisation name, repository URLs and names, branch names, and repository owners may have been accessed.
Source: SC Magazine