Mintlify Data Breached Through Compromised GitHub Tokens

Written by Mitchell Langley

March 21, 2024

Mintlify Data Breached, Revokes Compromised GitHub Tokens and Implements New Security Measures!

Mintlify recently encountered a data breach that led to the exposure of GitHub tokens belonging to 91 customers.

This incident occurred due to a security vulnerability in the software documentation platform, resulting in compromised access to private code.

Mintlify has promptly taken measures to resolve the issue. As a precautionary measure, users are strongly advised to update their passwords and activate two-factor authentication (2FA) for enhanced security.

This incident has raised concerns regarding the potential exposure of private repositories and the necessity for enhanced security measures to safeguard user data.

Mintlify helps developers generate software documentation by requesting access to customers’ GitHub repositories; its customers span sectors such as fintech, database, and AI startups.

Mintlify Data Breached Because of an API Vulnerability in Its Systems

On March 1st, an email flagged security issues with the company’s endpoints; the company subsequently observed unusual requests originating from an unknown device. It is worth noting that some of these requests specifically targeted sensitive API endpoints.

Mintlify has attributed the security breach to a vulnerability in its systems, which was identified by a bug bounty reporter. This vulnerability enabled the attackers to obtain private admin tokens, leading to unauthorized entry into the system.

Private tokens on GitHub allow users to grant account access to third-party applications like Mintlify. If these tokens are stolen, attackers gain access to source code at whatever level of access the token permits.

Initial investigation indicates that the compromised GitHub tokens were used to access a specific customer’s repository, and there is currently no evidence to suggest that other repositories were accessed.

In Response to the Breach Mintlify Revoked Access to All GitHub Tokens

In response to the security breach, Mintlify promptly took several actions to address the issue. They revoked all access to GitHub tokens, rotated admin access tokens, and implemented robust security measures to minimize the risk of further unauthorized access.

Additionally, they patched the vulnerability that led to the exposure of admin access tokens. As a preventive measure, Mintlify is deprecating private tokens to avoid similar incidents in the future.

The company is also collaborating with GitHub and its customers to determine if any other tokens were exploited by the attacker.

“The users have been notified, and we’re working with GitHub to identify whether the tokens were used to access private repositories,” the startup’s co-founder Hang Wang noted in the blog post.

Mintlify Collaborates with Third Party Cybersecurity Vendors to Conduct Investigation into the Breach

The extent of the Mintlify data breach is currently uncertain. However, Mintlify has collaborated with third-party cybersecurity vendors to conduct a thorough investigation and has implemented various security measures.

These measures include enhancing API endpoint monitoring systems, establishing a comprehensive security policy, launching a bounty program for ethical hackers, and conducting a re-audit of its 2024 SOC 2 certification.
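As an added defender’s illustration (not code from the article or from Mintlify), the pattern described above, requests to sensitive API endpoints arriving from a device not previously seen for that account, written as a small Python check over a constructed access log. The log format, field names, the device identifier and the /api/admin/ prefix are assumptions for this example.

```python
"""Flag requests to sensitive (admin) API endpoints that come from a device
the principal has never used in the trusted baseline. Log lines, field
names and endpoint prefixes are constructed for this example."""

# Constructed sample access log: timestamp, principal, device id, method, path.
SAMPLE_LOG = """\
2024-03-01T08:00:01Z alice dev-a1 GET /api/docs
2024-03-01T08:00:05Z alice dev-a1 GET /api/admin/tokens
2024-03-01T08:10:00Z bob dev-b7 GET /api/docs
2024-03-01T09:42:13Z alice dev-zz9 GET /api/admin/tokens
2024-03-01T09:42:20Z alice dev-zz9 GET /api/admin/users
2024-03-01T09:50:00Z bob dev-b7 POST /api/docs
"""

# Assumed: endpoints under this prefix can read or mint admin tokens.
SENSITIVE_PREFIXES = ("/api/admin/",)

# Assumed trusted baseline: devices each principal used before the window.
BASELINE = {"alice": {"dev-a1"}, "bob": {"dev-b7"}}


def parse_line(line):
    ts, principal, device, method, path = line.split()
    return {"ts": ts, "principal": principal, "device": device,
            "method": method, "path": path}


def is_sensitive(path):
    return path.startswith(SENSITIVE_PREFIXES)


def detect_unknown_device_admin_access(log_text, baseline):
    """Return one alert per (principal, device) pair outside the baseline that
    touches a sensitive endpoint; the first such path is reported."""
    alerted = set()
    alerts = []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        e = parse_line(raw)
        key = (e["principal"], e["device"])
        if e["device"] in baseline.get(e["principal"], set()) or key in alerted:
            continue
        if is_sensitive(e["path"]):
            alerted.add(key)
            alerts.append((e["ts"], e["principal"], e["device"], e["path"]))
    return alerts


if __name__ == "__main__":
    for alert in detect_unknown_device_admin_access(SAMPLE_LOG, BASELINE):
        print("ALERT unknown device on sensitive endpoint:", alert)
```

Without a seeded baseline every device looks new, so the check degrades to alerting on all admin traffic; the baseline is what turns it into an anomaly signal rather than noise.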

These steps can help prevent unauthorized access and protect users. Mintlify recommends that users take certain precautions, such as changing their passwords and enabling two-factor authentication (2FA). They also recommend reviewing API key permissions and monitoring their emails for any suspicious activity.
