Mintlify Confirms Data Breach Through Compromised GitHub Tokens

Mintlify Scrambles After Security Breach, Revokes Tokens and Implements New Safeguards!
Mintlify Confirms Data Breach Through Compromised GitHub Tokens

Mintlify data breach exposes GitHub tokens of 91 customers. The software documentation platform experienced a security vulnerability that compromised private code access. Mintlify has taken steps to address the issue and users are advised to change passwords and enable 2FA.

A security breach at a software documentation platform, Mintlify, has allowed unauthorized access to 91 GitHub tokens, raising concerns about the potential exposure of private repositories and the need for improved security measures to protect user data. 

For your information, Mintlify assists developers in creating software documentation by requesting access to customers’ GitHub repositories, including fintech, database, and AI startups.

On March 1st, an email raised security concerns about endpoints’ security, leading to unusual requests from an unrecognized device. Some of these requests targeted sensitive API endpoints. 

Mintlify blames the breach on a vulnerability in its systems, discovered by a bug bounty reporter, which allowed the attackers to gain access to private admin tokens, causing unauthorized entry into the system.

It is worth noting that private tokens on GitHub enable users to share account access with third-party apps such as Mintlify. If stolen, attackers could access source code levels as permitted.

Initial probing revealed that compromised GitHub tokens were used to access a customer’s repository, with no evidence suggesting other repositories were accessed.

The company took immediate action by revoking all GitHub token access, rotating admin access tokens, and implementing stringent security measures to mitigate further unauthorized access. 

Furthermore, the vulnerability that exposed admin access tokens was patched. The company is deprecating private tokens to prevent similar incidents and working with GitHub and customers to determine if any other tokens were used by the attacker.

“The users have been notified, and we’re working with GitHub to identify whether the tokens were used to access private repositories,” the startup’s co-founder Hang Wang noted in the blog post.

The extent of the data breach remains unclear. Nevertheless, Mintlify has collaborated with third-party cybersecurity vendors to conduct a thorough investigation and implemented security measures. This includes improving API endpoint monitoring systems, establishing a robust security policy, launching a bounty program for ethical hackers, and re-auditing its 2024 SOC 2 certification. to prevent unauthorized access and ensure user security.

Mintlify advises users to change their password, enable two-factor authentication (2FA), monitor emails for suspicious activity, and review API key permissions. The incident underscores the need to improve cybersecurity for cryptocurrency exchanges, emphasizing the importance of strong passwords and 2FA.

  1. Malware as Dependabot Contributions Strikes GitHub Projects
  2. Massive Data Breach Exposes Info of 43 Million French Workers
  3. Hacker: I used GitHub 0day to hack US Federal contractor Acuity
  4. GitHub Reports Code-Signing Certificate Theft in Security Breach
  5. Scammers Exploit Crypto Hype with Token Factory, Stealing Millions
Related Posts