Ask HN: Details on 04/2021 DigitalOcean data breach?

31 points

3 years ago

In April 2021, DigitalOcean suffered a data breach [1], exposing some billing details. They informed affected customers by mail and offered to answer any further questions via their [email protected] address.

Since then, I have regularly asked for updates on how this breach happened and if they would publish a postmortem for this event. They assured me that they would share more information once their investigation is complete. In September of that year, they started ignoring my requests for an update, and I haven't heard back from them since.

While this is a relatively minor event in the grand scheme of things, it left a bad taste in my mouth. Did anyone dig deeper into this and got more information on what actually was the cause for this leak? Maybe there's a DigitalOcean employee around who can shed light on this?

[1] https://www.securityweek.com/digitalocean-discloses-breach-involving-billing-information/