On the bitly user data compromise (your data is as safe as your backups): “We audited the security history for our hosted source code repository that contains the credentials for access to the offsite database backup storage and discovered an unauthorized access on an employee’s account. We immediately enabled two-factor authentication for all Bitly accounts on the source code repository”
“…source code repository that contains the credentials…” Is that a separate repository just for the credentials, or are the credentials just littered throughout their source code?
I think it’s separate.