CodeShip's Security Incident, Impact on Healthchecks.io
Incident Report for Healthchecks.io
Resolved
Recently, CodeShip, a CI/CD service, reported a security incident: a database containing their production data had been exposed for over a year. CodeShip requests its customers to reset all keys, deployment credentials, and authorization tokens that may have been exposed.

Although Healthchecks.io is not using CodeShip directly, CodeShip had access to a Bitbucket source code repository containing various secrets that the Healthchecks.io production environment uses. While there are no signs of any unauthorized access, we have taken several precautions: the secrets have been reset to new values, the secrets are now being stored in an encrypted form, and CodeShip's access to the Bitbucket repository has been revoked.

For more details, please read: https://blog.healthchecks.io/2020/10/codeship-security-incidents-impact-on-healthchecks-io/

CodeShip's security notification: https://www.codeshipstatus.com/incidents/91bvlfw9xlm9
Posted Oct 23, 2020 - 06:54 UTC