diff --git a/monkey/common/events/credentials_stolen_events.py b/monkey/common/events/credentials_stolen_events.py
index 06d2f967e..8c7dfdd1e 100644
--- a/monkey/common/events/credentials_stolen_events.py
+++ b/monkey/common/events/credentials_stolen_events.py
@@ -4,6 +4,7 @@ from pydantic import Field
 
 from common.credentials import Credentials
 
+from ..credentials.encoding import SecretEncodingConfig
 from . import AbstractAgentEvent
 
 
@@ -16,3 +17,6 @@ class CredentialsStolenEvent(AbstractAgentEvent):
     """
 
     stolen_credentials: Sequence[Credentials] = Field(default_factory=list)
+
+    class Config(SecretEncodingConfig):
+        pass
diff --git a/monkey/tests/unit_tests/common/credentials/test_credentials.py b/monkey/tests/unit_tests/common/credentials/test_credentials.py
index 09d68a4c3..9577a8fe9 100644
--- a/monkey/tests/unit_tests/common/credentials/test_credentials.py
+++ b/monkey/tests/unit_tests/common/credentials/test_credentials.py
@@ -16,8 +16,7 @@ from tests.data_for_tests.propagation_credentials import (
 )
 
 from common.base_models import InfectionMonkeyBaseModel
-from common.credentials import Credentials
-from common.credentials.credentials import get_plaintext
+from common.credentials import Credentials, get_plaintext
 
 
 @pytest.mark.parametrize(
diff --git a/monkey/tests/unit_tests/common/events/test_credentials_stolen_events.py b/monkey/tests/unit_tests/common/events/test_credentials_stolen_events.py
new file mode 100644
index 000000000..df200f550
--- /dev/null
+++ b/monkey/tests/unit_tests/common/events/test_credentials_stolen_events.py
@@ -0,0 +1,26 @@
+from tests.data_for_tests.propagation_credentials import (
+    CREDENTIALS,
+    PLAINTEXT_LM_HASH,
+    PLAINTEXT_NT_HASH,
+    PLAINTEXT_PASSWORD,
+    PLAINTEXT_PRIVATE_KEY,
+)
+from tests.unit_tests.monkey_island.cc.models.test_agent import AGENT_ID
+
+from common.events import CredentialsStolenEvent
+
+TEST_EVENT = CredentialsStolenEvent(stolen_credentials=CREDENTIALS, source=AGENT_ID)
+
+
+def test_credentials_stolen_event_serialization_json():
+    serialized_event = TEST_EVENT.json()
+    assert PLAINTEXT_PASSWORD in serialized_event
+    assert PLAINTEXT_LM_HASH in serialized_event
+    assert PLAINTEXT_NT_HASH in serialized_event
+    assert PLAINTEXT_PRIVATE_KEY in serialized_event
+
+
+def test_credential_stolen_event_deserialization_json():
+    serialized_event = TEST_EVENT.json()
+    deserialized_event = CredentialsStolenEvent.parse_raw(serialized_event)
+    assert deserialized_event == TEST_EVENT