Port 22

Heroku Forces User Password Resets Following GitHub OAuth Token Theft

Salesforce-owned subsidiary Heroku on Thursday acknowledged that the theft of GitHub integration OAuth tokens further involved unauthorized access to an internal customer database. The company, in anupdated notification, revealed that a compromised token was abused to breach the database and “exfiltrate the hashed and salted passwords for customers’ user accounts.” As a consequence, Salesforce