InfluxData, a customer of CircleCI, is proactively rotating its secrets following an alert from CircleCI recommending users rotate their secrets due to a potential security exposure. The company uses CircleCI for its Open Source products and stored the Linux packaging signing key with fingerprint 05CE 1508 5FC0 9D18 E99E FB22 684A 14CF 2582 E0C5 in CircleCI, which is being rotated to a new key. InfluxData will provide updates to its repositories once the new key is rolled out, and users must configure their systems to use the new key to continue downloading and verifying software from official InfluxData repositories. The company has verified that its official repositories have not been compromised and that the software signed by the old key can be trusted.