Recently, CodeShip, a CI/CD service, reported a security incident: a database containing their production data had been exposed for over a year. CodeShip has asked its customers to reset all keys, deployment credentials, and authorization tokens that may have been exposed.

Although is not using CodeShip directly, CodeShip had access to a Bitbucket source code repository containing various secrets that the production environment uses. While there are no signs of any unauthorized access, we have taken several precautions: the secrets have been reset to new values, the secrets are now being stored in an encrypted form, and CodeShip's access to the Bitbucket repository has been revoked.

Posted Oct 23, 2020 - 06:54 UTC