Sun. May 29th, 2022

Cloud application platform Heroku has confirmed that the recent cybersecurity incident, in which GitHub integration OAuth tokens were stolen, led to further compromises and resulted in the theft of user information. identification of customers.

After some pressure from the community, to further clarify the incident and why it started sending password reset emails to its customers, the Salesforce-owned company confirmed that the Compromised tokens were used, by unknown thread actors, to obtain hashed information and salted passwords, belonging to its customers, from “a database”.

By Admin

Leave a Reply

Your email address will not be published.