In an Automattic Slack channel:
“@channel My GitHub account “m” was compromised due to this CircleCI phishing campaign, if you think you may have clicked on this as well and entered credentials, please let systems know in [redacted]. Also check your Authorized OAuth apps and SSH keys for anything unusual.”
There were several hundred emoji responses.
Fewer than a third of these expressed ‘shock’.
This was posted Monday 19 September.
There have been no public details about what could have been copied, what changes had been made, or what effects any changes might have had.
Automattic is a private company, so there is no requirement on disclosure, but employees, including those who have internal Automattic stock, have no information on how this could impact the company.