title

CircleCI incident report for January 4, 2023 security incident | CircleCI

charset

utf-8

Content-Security-Policy

default-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net www2.circleci.com j.6sc.co *.algolia.net *.algolianet.com https://cdn-assets-prod.s3.amazonaws.com/js/preview2/ https://r2d2-inbound-js-store-production.s3.us-east-1.amazonaws.com/065621a0-abdf-4dad-b9b3-28b202628b05/jeeva.js https://s3-us-west-2.amazonaws.com/b2bjsstore/b/LNKLDHM3E2OJ/reb2b.js.gz cdn.amplitude.com https://www.clarity.ms/tag/uet/ tags.clickagy.com https://a.clickcertain.com/px/li/ cdnjs.cloudflare.com/ajax/libs/ dn1f1hmdujj40.cloudfront.net/js/ consent.cookiebot.com consentcdn.cookiebot.com https://www.datadoghq-browser-agent.com googleads.g.doubleclick.net/pagead/ connect.facebook.net www.google.ca/pagead/ www.google.co.jp/pagead/ www.google.co.uk/pagead/ www.google.com/pagead/ https://www.google.com/recaptcha/ www.google.ie/pagead/ www.google-analytics.com www.googleadservices.com/pagead/ www.googletagmanager.com https://boards.greenhouse.io/embed/job_board/js https://www.gstatic.com/recaptcha/ https://b.st-hatena.com/js/bookmark_button.js *.hotjar.com *.hotjar.io https://js.hs-analytics.net/analytics/ https://js.hsadspixel.net/fb.js https://js.hs-banner.com/v2/45466221/banner.js js.hs-scripts.com/45466221.js https://js.hscollectedforms.net/collectedforms.js https://js.hsforms.net/forms/embed/v2.js https://js.hubspot.com/web-interactives-embed.js cdn.jsdelivr.net/clipboard.js/ https://cdn.jsdelivr.net/npm/[email protected]/dist/algoliasearch-lite.umd.js https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch.production.min.js https://cdn.jsdelivr.net/npm/[email protected]/build/js/utils.js https://b-code.liadm.com/lc2.js https://d-code.liadm.com/did-008f.min.js https://i.liadm.com/s/56408 https://www.line-website.com/social-plugins/js/thirdparty/loader.min.js munchkin.marketo.net snap.licdn.com/li.lms-analytics/ in.ml314.com ml314.com cdn.optimizely.com/js/ cdn3.optimizely.com/js/ app.optimizely.com https://master-py3-monolithapp.app.optimizely.com/ https://optimizely.s3.amazonaws.com/js/ platform.twitter.com *.qualified.com a.quora.com https://a.remarketstats.com/px/li-co/ cdn.segment.com https://cdn.sprig.com https://tags.srv.stackadapt.com/events.js cookie.sync.usonar.jp cdn.cookie.sync.usonar.jp apis.usonar.jp https://a.usbrowserspeed.com/cs https://opps-widget.getwarmly.com www.youtube.com/iframe_api www.youtube.com/s/player/ https://ws.zoominfo.com/pixel/ 'unsafe-inline' 'unsafe-eval' https://unpkg.com/@highlightjs/ https://js.zi-scripts.com/zi-tag.js; style-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net www2.circleci.com fonts.googleapis.com www.googletagmanager.com/debug/ https://cdn.jsdelivr.net/npm/[email protected]/themes/reset-min.css https://tags.srv.stackadapt.com/sa.css *.qualified.com 'unsafe-inline' https://unpkg.com/@highlightjs/; font-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net fonts.gstatic.com/s/ *.hotjar.com *.hotjar.io; frame-src 'self' www2.circleci.com consentcdn.cookiebot.com bid.g.doubleclick.net https://td.doubleclick.net www.facebook.com https://www.google.com/ www.googletagmanager.com https://boards.greenhouse.io https://b.hatena.ne.jp/entry/button/ https://*.hotjar.com *.hotjar.io https://forms.hsforms.com/ https://social-plugins.line.me/widget/ a8188917468.cdn.optimizely.com *.qualified.com platform.twitter.com syndication.twitter.com player.vimeo.com www.youtube.com https://job-boards.greenhouse.io; base-uri 'self'; connect-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net https://*.circleci.com/ http://localhost:5338 c.6sc.co https://eps.6sc.co/v3/company/details https://epsilon.6sense.com/v3/company/details https://epsilon-globalaccelerator.6sense.com/v3/company/details https://epsilon-cloudfront.6sense.com/v3/company/details https://ipv6.6sc.co/ https://v.eps.6sc.co/v ib.adnxs.com https://secure.adnxs.com/ *.algolia.net *.algolianet.com https://alocdn.com/c/vn3d8u2u/a/xtarget/p.json https://cdn-assets-prod.s3.amazonaws.com/js/preview2/ api.amplitude.com https://azureatom2.westus3.cloudapp.azure.com:9091/ws/simple/ https://*.browser-intake-datadoghq.com https://aorta.clickagy.com hemsync.clickagy.com/external/ https://cdn.contentful.com/spaces/il1yandlcjgk/environments/master/ https://consentcdn.cookiebot.com/consentconfig/a28b71f3-4d2e-4eac-93bc-34929948dd7d/settings.json https://consentcdn.cookiebot.com/consentconfig/f367f93a-d685-4a2d-8111-1beb2859536e/settings.json *.g.doubleclick.net https://www.facebook.com/tr/ https://opps-api.getwarmly.com/api/sessions/trpc/ https://opps-api.getwarmly.com/api/socketio/ wss://opps-api.getwarmly.com/api/socketio/ https://analytics.google.com/g/ https://google.com/ccm/form-data/ www.google.ca/pagead/ www.google.co.jp/pagead/ www.google.co.uk/pagead/ www.google.com/pagead/ https://google.com/pagead/form-data/ www.google.ie/pagead/ www.google-analytics.com www.googleadservices.com/pagead/ https://www.google.com/ccm/collect *.hotjar.com:* *.hotjar.com *.hotjar.io wss://ws.hotjar.com/api/v2/client/ws https://hubspot-forms-static-embed.s3.amazonaws.com/prod/45466221/ https://forms.hscollectedforms.net/collected-forms/v1/config/json https://forms.hsforms.com/embed/v3/form/45466221/ https://forms.hsforms.com/emailcheck/v1/ https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json https://forms-na1.hubspot.com/submissions-validation/v1/validate/ https://pro.ip-api.com/json https://ipapi.co/json *.liadm.com https://px.ads.linkedin.com/attribution_trigger https://px.ads.linkedin.com/wa/ 485-zmh-626.mktoresp.com/webevents/ app.optimizely.com/api/client/ errors.client.optimizely.com/log logx.optimizely.com/v1/events https://master-py3-monolithapp.app.optimizely.com/api/client/ tapi.optimizely.com/api/ *.qualified.com wss://ws.qualified.com https://api.rollbar.com/api/1/item/ api.segment.io/v1/ cdn.segment.com/v1/ https://api.sprig.com https://cdn.sprig.com https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://a.usbrowserspeed.com/cs ws.zoominfo.com/pixel/ https://js.zi-scripts.com/unified/v1/master/getSubscriptions https://js.zi-scripts.com/unified/v1/master/logError; object-src 'none'; form-action 'self' www.facebook.com/tr/ https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/ platform.twitter.com syndication.twitter.com; media-src 'self' d3r49iyjzglexf.cloudfront.net dsbai75kcyzl9.cloudfront.net d2qm0z2kzhiwa.cloudfront.net https://videos.ctfassets.net/il1yandlcjgk/ mediastream: *.qualified.com;

X-UA-Compatible

IE=edge,chrome=1

viewport

width=device-width, initial-scale=1.0

og:title

CircleCI incident report for January 4, 2023 security incident

og:description

Read the complete incident report from CircleCI’s January 4, 2023 security alert.

og:url

https://circleci.com/blog/jan-4-2023-incident-report/

og:site_name

CircleCI

og:image

https://ctf-cci-com.imgix.net/1yYERrcJtNkaXwiaLOBtRW/a7ac6b11a20e00ce472bc9a7a65735b3/rba-plain-logo-v3.jpg?ixlib=rb-3.2.1&w=1200&fit=max&q=60&fm=jpg

twitter:card

summary_large_image

twitter:site

@circleci

twitter:creator

@

alternate

/blog/feed.xml

apple-touch-icon

https://d2qm0z2kzhiwa.cloudfront.net/blog/assets/blog/meta/apple-touch-icon-ae782d6339f660e1c51fe68f58d7f0bb.png

canonical

https://circleci.com/blog/jan-4-2023-incident-report/

icon

https://d2qm0z2kzhiwa.cloudfront.net/blog/assets/blog/meta/android-chrome-512x512-b0a3962c7ec90ae60cb31f99a3fc37b5.png

icon

https://d2qm0z2kzhiwa.cloudfront.net/blog/assets/blog/meta/android-chrome-192x192-4b4b8e31a8e09d0c50661d56be7abe09.png

en

https://circleci.com/blog/jan-4-2023-incident-report/

ja

https://circleci.com/ja/blog/jan-4-2023-incident-report/

x-default

https://circleci.com/blog/jan-4-2023-incident-report/