Leaked Password Attack Has Been Used to Hack GitHub Accounts

By | June 17, 2016

GitHub Hacked

Most common and Popular code repository website GitHub has warned that attackers is trying the leaked passwords to get account access.

According to the statement given by GitHub,

Some user accounts may have been compromised by hackers using account details from other recent data breaches in order to guess user credentials from the site.

GitHub informed to its users on Thursday that it has reset the passwords of an unspecified number of accounts after they had been compromised by attackers who leveraged credentials leaked from other online services.

GitHub is being used around 14 million people to store data, software programs and coding projects.GitHub informed to its users on that it noticed on Tuesday (14 June 2016) that hackers were making unauthorised attempts to access a large number of its accounts. Attackers are leveraging credentials which is leaked from other online services like MySpaceLinkedIn, and Tumblr.

The company said attackers attempted to access a large number of GitHub accounts. The unauthorised access attempts were detected on Tuesday evening and an investigation revealed that the hackers had managed to log in to a number of accounts.

Hackers are taking long lists of usernames, passwords and email addresses from other services that have been compromised recently and trying them on GitHub accounts until they found a match.

In its Blog postGitHub said

For affected accounts, usernames and passwords are involved. Additionally, for some accounts, other personal information including listings of accessible repositories and organisations may have been exposed.

In order to protect your data we’ve reset passwords on all affected accounts. We are in the process of sending individual notifications to affected users.

If your account is impacted with the attack,GitHub will contact you directly with the information about how to reset your password and restore access to your account, in the blog they said.

GitHub encourage all users to practice good password hygiene and enable two-factor authentication to protect your account.

Subscribe for latest hacking update