Microsoft GitHub account reportedly hit in huge cyberattack

500GB of data allegedly stolen from Microsoft’s GitHub account

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoft’s privateGitHubaccount has been hacked in a major cybersecurity incident for the company.

A hacker known as Shiny Hunters told BleepingComputer they had gained full access into Microsoft’s account, including supposedly ‘Private’ repositories, and had already downloaded 500GB of private projects.

Microsoft acquired the open-source library in June 2018 for $7.5 billion, giving the computing giant access to the world’s largest collection of code, with many developers using it as a repository for projects.

GitHub hack

GitHub hack

BleepingComputer noted that the timestamps on the leaked files suggest the attack occured on March 28 2020, but Microsoft has yet to admit to any issues.

Shiny Hunters said he no longer has access to the account, and now plans to leak the data online, having decided not to sell the information online.

The hacker had offered 1GB of files for sale on a well-known hacker forum, but members of the site had claimed the data was fake.

BleepingComputer’s analysis deduced that the stolen data was mainly code samples and test projects, as well as containing an eBook and other generic items. However the private repositories within the cache could contain information pertaining to upcoming Microsoft or GitHub projects, with potential source code leaks or new software build information inside.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

There was no suggestion of any GitHub user data having been compromised or leaked during the breach, but similar past attacks have seen such information included in private repositories in the past.

TechRadar Prohas contacted Microsoft for comment, and will update this story if a reply is sent.

Via:BleepingComputer

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Should your VPN always be on?

3 reasons why PIA fell in our best VPN rankings

After Arcane season 1 ended on a stunning cliff hanger, its creators say it was ‘always the plan’ for those characters to die in the season 2 premiere