Earlier today we became aware of a phishing attempt for customers’ CircleCI and GitHub credentials. We have no reason to believe your organization has been specifically targeted or that your account has been compromised, but want our customers to be aware that there is an ongoing phishing attempt and to exercise due caution.
This is an example of the email impersonating CircleCI in an attempt to gain access to your account:
If you believe you or someone on your team may have accidentally clicked a link in this email, please immediately rotate your credentials for both GitHub and CircleCI, and audit your systems for any unauthorized activity.
If you need help or have any questions, please do not hesitate to reach out to our team.
To better building,
The Team at CircleCI