Canonical’s GitHub Account has been compromised!

Don’t worry, Ubuntu source code was not impacted!

On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., the organization behind the Ubuntu Linux distribution.
The company immediately launched an investigation, the good news is that the source code of the popular Linux distro was not impacted.
“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities.” states the Canonical team. “Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected.”

https://securityaffairs.co/wordpress/88047/hacking/canonical-github-account-hacked.html

An unknown hacker yesterday successfully managed to hack into the official GitHub account of Canonical, the company behind the Ubuntu Linux project and created 11 new empty repositories.
It appears that the cyberattack was, fortunately, just a “loud” defacement attempt rather than a “silent” sophisticated supply-chain attack that could have been abused to distribute modified malicious versions of the open-source Canonical software.

In a statement, David from Canonical confirmed that attacker(s) used a Canonical owned GitHub account whose credentials were compromised to unauthorizedly access Canonical’s Github account.

“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities,” David said.

“Canonical has removed the compromised account from the Canonical organization in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected.”

https://thehackernews.com/2019/07/canonical-ubuntu-github-hacked.html

Related posts

Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.