The Jclouds jenkins plugin can expose your Jclouds Storage credentials if the remote store returns a 401 not authorized. When this happens an exception is thrown which is written to the build's console log and this exception contains the sensitive data. This exception should be caught and handled in a way that does not expose this information in build logs (or any logs ideally).