CircleCI has reported an increase in phishing attempts where attackers impersonate the platform to access users' GitHub code repositories, although no breach of CircleCI systems has occurred, and customer data remains secure. The company emphasizes the importance of being vigilant against social engineering threats, such as phishing, which exploit manipulation rather than system vulnerabilities to gain unauthorized access. CircleCI reassures users that official communications will only contain links to circleci.com or its sub-domains and will not request logins for terms of service updates. The company commits to notifying users of future phishing attempts through multiple channels, including in-app messaging and social media, and encourages users to verify suspicious communications by contacting their security team.