Laptop security aside (this is a hard problem, and good solutions can often be detrimental in other ways), there should have been way, way more auditing around access to customer repos. The fact that it took so long both to mitigate further access and to understand the rough scope of the hack is concerning.
More broadly... it shouldn't be that easy to get encryption keys to everyone's secret env variables used for CI jobs.