Hackers breach Canonical GitHub account

News by Teri

Hackers compromised credentials to break into a Canonical Ltd. GitHub account, but apparently did not lift sensitive information or manipulate source code

Hackers compromised credentials to break into a Canonical Ltd. GitHub account and created repositories, but apparently did not lift sensitive information or manipulate any source code.

"We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities. Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected," the Ubuntu security team tweeted.

The team thus far has found "no indication" that the Launchpad infrastructure where Ubuntu distribution is built was affected by the breach, noting that the infrastructure is disconnected from GitHub.

The hackers created 11 new repositories named "CAN_GOT_HAXXD."

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop