Incident report on March 13, 2024

Mintlify experienced a security incident on March 1, 2024, when unauthorized access to admin tokens led to the compromise of 91 GitHub tokens and confirmed access to at least one customer repository. In response, the company immediately revoked all tokens, implemented stringent security measures, and partnered with cybersecurity firms for a thorough investigation. The incident was detected after receiving an email about potential security concerns, which led the team to discover unauthorized requests from an unrecognized device targeting sensitive API endpoints. Despite confirming only one instance of unauthorized repository access, Mintlify took comprehensive steps to bolster security, including patching vulnerabilities, rotating access tokens, and enhancing endpoint authorization protocols. They are also collaborating with cybersecurity firms to prevent future breaches, enhancing monitoring systems, and launching a bounty program to encourage the reporting of security vulnerabilities. Mintlify remains committed to transparency and user security, ensuring that similar incidents do not occur again.