Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers’ hashed and salted passwords from “a database.” […]
Home>Secure Hunter Blog>Anti-Malware News>Heroku admits that customer credentials were stolen in cyberattack