Attack on GitHub: Data from 3800 internal repositories stolen

Attackers apparently had access to GitHub's internal repositories. The operator of the version control platform initially confirmed to the platform Bleeping Computer and later on X that the company was investigating the unauthorized access to repositories.

According to the post on X, only internal repositories are affected. There are no indications that customer information has been exfiltrated. Should this be the case, GitHub has announced that it will inform those impacted directly through the usual channels.

Malicious code in an extension for Visual Studio Code

Apparently, the entry point was malicious code in a Visual Studio Code extension on an employee's device. According to its statements, GitHub has isolated the endpoint and immediately initiated incident response measures.

(Image: AliaAyah / Shutterstock)

Attack on GitHub: Data from 3800 internal repositories stolen

Other newsrooms on this story

Related reading

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub Internal Repositories Breached via VS Code Extension

GitHub says hackers stole data from thousands of internal repositories |…

GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension…

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub Confirms Breach, 4K Internal Repos Stolen