Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > GitHub Confirms Breach, 4K Internal Repos Stolen

GitHub Confirms Breach, 4K Internal Repos Stolen

GitHub confirmed a data breach this week involving the theft of thousands of developer code repositories. One threat actor — TeamPCP — took credit.

GitHub confirmed today it was breached via an attacker that stole thousands of internal repositories.

TeamPCP, a financially motivated threat actor that has relentlessly targeted the open source ecosystem, yesterday published a post to a prominent Dark Web data breach forum that it would sell internal source code and organization data stolen from GitHub. This totaled "~4,000 repos of private code," according to the advertisement, and was for sale to an interested buyer. More here

Similar Stories

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to account takeovers, so users must layer up their security measur… More...

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem ra… More...

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...

Have your say

 

News Categories

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to account takeovers, so users must layer up their security measur… More...

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem ra… More...

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...

image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Follow Us

This website is powered by
ToucanTech