Heroku OAuth Breach
Incident Report for Retail Zipline
Resolved
At Zipline, the trust of our customers and the security of our system and our customers’ data are of utmost importance.

Following Heroku’s announcement of an OAuth breach within their infrastructure, Zipline has undergone a rigorous security audit to ensure that our application has not been affected or compromised by the issue.

We are confident that Zipline is not affected by the breach at Heroku.

We have completed the following steps as part of our audit process:
- We have disabled connections to GitHub (prior to this incident, these were only used to generate review apps, part of our development and QA process, which do not have access to production databases).
- We have undergone a full security audit of GitHub use and found no unauthorized access to our code base or repositories.
- We have reviewed our OAuth-authorized application list to ensure all applications are trustworthy and secure.

We will continue to monitor developments at Heroku and GitHub in case further information comes to light.
Posted Apr 15, 2022 - 21:00 PDT