This new hack comes as a result of several huge data breaches
GitHub informed their users on Thursday that they have reset the login credentials of numerous accounts. These measures were taken after the accounts were compromised by hackers. It is believed that the passwords were stolen as a result of a “leakage” on other online services.
This new hack comes as a result of several huge data breaches on major social media platforms. The reason is that usually, lots of people don’t have the habit of changing their passwords regularly and they may even use the same username and password across multiple websites. This is a very unhealthy habit that allows hackers to easily gain access to most of their accounts. GitHub’s case is apparently another example.
The company detected unauthorized access attempts to a large number of GitHub accounts on Tuesday. Further investigation revealed that hackers managed to log in using the true login credentials of the affected users. The number of the compromised accounts has not been specified yet.
Here is what GitHub said in a blog post:
“For affected accounts, usernames and passwords are involved. Additionally, for some accounts, other personal information including listings of accessible repositories and organizations may have been exposed.”
The system has not been compromised in any way and the company took immediate measure to reset the passwords of the affected accounts. The compromised users were notified accordingly. GitHub also encouraged its users to take preventive measures against account hacks – “We encourage all users to practice good password hygiene and enable two-factor authentication to protect your account” .The investigations are still ongoing and the system is being monitored closely –“These attacks often evolve, and we’re continuing to investigate and monitor for new attack vectors.”
A series of mega breaches have come to light in the past few weeks, with hackers selling hundreds of millions of records on the black market. The records include huge databases with credentials from several major websites. Victims of these breaches are users of Linkedin, MySpace, Tumblr, VC and μTorrent. As a result of the disclosed credentials, many companies were forced to reset the passwords of their users and GitHub is another one of them. Other platforms like Facebook, Netflix, Twitter, TeamViewer and Reddit were also affected by the data leaks and have since been encouraging their users to change their login credentials. Therefore, it is a good idea to change your login details in case you have not done so.