Sourcegraph, a platform that uses artificial intelligence to help developers write code, has confirmed that its website was breached by hackers who exploited a leaked site-admin access token.

The company said on its website that the incident occurred on August 30, 2023, when the attackers used the token to create a new site-admin account and gain access to Sourcegraph's APIs and language server protocol.

The language server protocol is a standard that allows different tools to communicate with each other and provides features such as code completion, syntax highlighting, and error checking.

The attackers also created a proxy app that allowed other users to call Sourcegraph's APIs and increase their rate limit, which is the number of requests that can be made per minute.

Sourcegraph's security team detected the breach and revoked the token and the malicious account within an hour. "Only users' names, email addresses, and license keys were accessed, and no personal or private data was compromised," the company commented.

The company also said that it has taken steps to prevent such incidents from happening again, such as rotating all access tokens, auditing all site-admin accounts, and improving its monitoring and alerting systems.

Sourcegraph apologized to its users for the inconvenience and assured them it is committed to protecting their data and privacy.

Sourcegraph is a popular platform with over 1.8 million users, including developers from Uber, Indeed, Reddit, and Dropbox. The platform allows users to search, navigate, and understand code across all repositories and branches.