Hacker News new | ask | show | jobs
by tpmx 1256 days ago
In this incident, the unauthorized actor exfiltrated customer information on December 22, 2022, which included environment variables, keys, and tokens for third-party systems.

A lot of production AWS/GCP keys are likely stolen for those that deploy from CI/CD.
1 comments
fexecve 1251 days ago
Most people will just update their keys, so I doubt anyone is going to burn botnet cycles on trying to use the keys.
link