Summary

On June 6th, our team received a security report from a customer who had run an import from a third-party system. The resulting imported issues contained an image they didn’t recognize that appeared to belong to a different Linear workspace. Four hours later, our engineering lead escalated and started a security incident to investigate and remedy the potential issue. This initial response was slower than typical due to an ongoing company-wide offsite. We were quickly able to verify the issue and shut down all Linear importers to prevent any further damage. After a brief investigation, the engineering team identified and fixed the root issue that resulted in exposing the file.

Timeline

All times are in UTC on June 6th, 2023.

7:13 - Initial customer report received

Our team receives a security report from a customer who had run an import from a third-party system. The resulting imported issues contained an image they didn’t recognize that appeared to belong to a different Linear workspace.

8:26 - Escalation message received from impacted customer

The customer whose data appeared to have been leaked reaches out to escalate the issue through a direct message in our Slack community after also being contacted independently by the initial customer.

11:27 - Security incident started

The direct message above is read and responded to – the seriousness of the potential bug is immediately apparent and our engineering lead triggers a high priority security incident to investigate and collaborate on a resolution.

11:33 - Acknowledgement to customer message sent

Our support team responds to the customer who first reported the issue to acknowledge receipt.