GitHub Notifies Users of Unauthorized Access

GitHub revealed in a brief blog post Thursday that it is the latest site to be subjected to a reused password attack. The attack, which was detected Tuesday evening PST, compromised the usernames and passwords of an unspecified number of accounts, and possibly other personal information. GitHub’s investigation of the incident is ongoing.

The passwords of affected accounts have been reset, and GitHub is in the process of sending individual notifications to account holders.

GitHub became aware of a large number of unauthorized attempts to access accounts, apparently by an attacker using credentials obtained from breaches at other sites, according to the blog post.

“We immediately began investigating, and found that the attacker had been able to log in to a number of GitHub accounts,” the blog post says. “GitHub has not been hacked or compromised.”

All users are urged “to practice good password hygiene and enable two-factor authentication.”

While media attention has been focussed recently on a LinkedIn breach from 2012 after social media accounts belonging to Facebook founder Mark Zuckerberg were hijacked, GitHub does not name a breach source, and uses the plural in the announcement. A Tumblr breach in 2013 was recently estimated to have involved 65 million accounts.

GitHub experienced a sustained DDoS attack in 2015, allegedly originating in China.

Source: TheWHIR