all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Heroku admits to customer database hack after OAuth token theft

Add to bookmarks
May 5, 2022, 8:06 a.m. | Ax Sharma

BleepingComputer www.bleepingcomputer.com

Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]

customer database hack heroku oauth security theft token

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising 5 hours ago | www.bleepingcomputer.com
administrators ads download fake +13
Android malware Grandoreiro returns after police disruption 9 hours ago | www.bleepingcomputer.com
accounts android android banking trojan android malware +16
Banking malware Grandoreiro returns after police disruption 9 hours ago | www.bleepingcomputer.com
accounts banking banking malware banking trojan +14
The Week in Ransomware - May 17th 2024 - Mailbombing is back 1 day, 1 hour ago | www.bleepingcomputer.com
attention back breachforums data +10
Microsoft to start enforcing Azure multi-factor authentication in July 1 day, 4 hours ago | www.bleepingcomputer.com
authentication azure factor july +8
SEC: Financial orgs have 30 days to send data breach notifications 1 day, 7 hours ago | www.bleepingcomputer.com
breach breach notifications data data breach +14
US arrests suspects behind $73M ‘pig butchering’ laundering scheme 1 day, 7 hours ago | www.bleepingcomputer.com
arrests charged crime cryptocurrency +11
WebTPA data breach impacts 2.4 million insurance policyholders 1 day, 8 hours ago | www.bleepingcomputer.com
breach data data breach department +8
Five charged for cyber schemes to benefit North Korea's weapons program 2 days, 4 hours ago | www.bleepingcomputer.com
charged cyber department generated +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com