GitHub hacked: they investigate a leak of up to 4,000 repositories

GitHub hacked: they investigate a leak of up to 4,000 repositories





If you are used to leaving your private repositories on GitHubyou should be alert as it seems that the popular website has been hacked. At the moment there is not much information, and since GitHub They are investigating what happened to provide a more complete report of the events in greater detail. The popular repository service insisted that there was no evidence of this data theftbut the hackers claim to have taken over some accounts.


GitHub detected an infected VS Code extension on an employee’s computer

From your own account X/Twitter from GitHub They have made this incident known, giving some details of this alleged data theft. GitHub has assured that just yesterday they detected and contained a breach on a device belonging to one of your employees who executed a infected VS Code extension. Upon learning of this incident they immediately proceeded to remove the infected version of this extension and they isolated the workplace where it was carried out as an immediate response to the incident.

The attackers claim to have accessed thousands of internal repositories

Additional information, communicated after a few hours, has determined that the current evaluation has managed to filter out some internal GitHub repositories. The figure approximately coincides with that exposed by the hackers, the official source cites some 3,800 repositorieswhile the attackers had determined the theft of some 4,000.

In addition to isolating the infected workplace, the company has carried out other security measures to prevent the expansion of this data theft. They have rotated credentialsprioritizing those with the greatest impact, and have continued to analyze the records to detect any unusual activity that may happen in the next few hours.

GitHub recommends extreme caution as investigation continues

GitHub has committed to publishing a more complete report when they have completed this initial investigation. If you have an account in GitHub It is recommended that, just for safety, change your access passwords and check that everything is correct.

Article Editor: Juan Antonio Soto

Juan Antonio Soto

I am a Computer Engineer and my specialty is automation and robotics. My passion for hardware began at the age of 14 when I broke down my first computer: a 386 DX 40 with 4MB of RAM and 210MB of hard drive. I continue to give free rein to my passion in the technical articles I write for Geeknetic. I dedicate most of my free time to video games, contemporary and retro, on the more than 20 consoles I have, in addition to the PC.