ZDNet

Heroku fesses up to customer password theft due to OAuth token attack

Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...
ZDNet

Heroku to begin user password reset almost a month after GitHub OAuth token theft

Heroku has alerted a "subset" of its users that it is going to reset their passwords on May 4 unless they change passwords beforehand. In resetting the password, the company is warning that existing ...
Bleeping Computer

Heroku forces user password resets but fails to explain why

Salesforce-owned Heroku is performing a forced password reset on a subset of user accounts in response to last month's security incident while providing no information as to why they are doing so ...
InfoWorld

If Heroku is so special, why is it dying?

Once the darling of application deployment, Heroku has been starved of investment and doesn't offer as many alternative deployment options. With Heroku, there’s always a “but.” For 15 years, I’ve ...
Bleeping Computer

Heroku admits that customer credentials were stolen in cyberattack

Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged ...
TechCrunch

Heroku CEO Bob Wise departs

Bob Wise, the CEO of Heroku, Salesforce’s cloud platform as a service (PaaS), has left. A Salesforce spokesperson confirmed the news to TechCrunch in a statement via email. “Bob Wise has left ...