On June 16, 2026, security researchers from Truffle Security responsibly disclosed that a Torizon Containers access token had been inadvertently exposed in a public GitLab CI artifact. We appreciate their professionalism in following responsible disclosure practices.
Upon notification, our security team immediately revoked the token and conducted a comprehensive forensic audit covering the entire exposure window. Our investigation conclusively determined that no unauthorized access occurred, no customer data or production systems were affected, and no action is required by customers.
We have since implemented additional safeguards to prevent similar exposures in the future. We remain committed to the security of our software supply chain and to transparency with our customers and partners.
For any questions, please contact support@torizon.io.