GitHub, Heroku, and Travis-CI, were subject to a wide-scale data breach; the companies have not disclosed the scale and severity of the data breach. 

GitHub and Heroku were the subject of a data breach by a hacker who stole open authorization (OAuth) tokens in an upstream breach. 

GitHub, which is owned by Microsoft, allows users to build, ship, maintain, and store software. The company hosts over 73 million developers and 4 million organizations, including 84 percent of Fortune 100 companies. 

Heroku is a cloud platform as a service company that is owned by SalesForce. It enables developers to build and run applications entirely in the cloud.

Travis CI is a hosted continuous integration service used to build and test software projects hosted on GitHub.

In April 2022, an unknown hacker stole OAuth tokens from software providers Heroku and Travis-CI. OAuth tokens allow a website to access a user’s information on another website without granting full access. The hacker used these tokens to attack GitHub and download data from scores of private organizations’ repositories, including that of software registry npm. GitHub posited that the hacker may be extracting secrets from that data for use in other infrastructure. 

GitHub spotted the breach and notified Heroku and Travis-CI, who were unaware they had been attacked. GitHub revoked the tokens associated with GitHub and npm, analyzed the attacker’s behavior, and released a list of the activities the attacker engaged in on their site. GitHub also notified its customers who were affected by the breach. 

Heroku does not know the full extent of the breach, and is asking customers to perform work to understand whether or not the customer has been breached. On April 26, Heroku stated they will not be reconnecting Github until they can do it safely. 

Have you been affected?

Contact Us






    1 Comment

    1. gateio

      After reading your article, I have some doubts about gate.io. I don’t know if you’re free? I would like to consult with you. thank you.

      Reply

    Submit a Comment

    Your email address will not be published. Required fields are marked *

    Sources

    https://github.com/
    https://news.microsoft.com/announcement/microsoft-acquires-github/
    https://thestack.technology/github-hacked-npm-data-downloaded-in-an-evolving-supply-chain-attack/?amp=1
    https://lifehacker.com/understanding-oauth-what-happens-when-you-log-into-a-s-5918086
    https://www.npmjs.com/
    https://github.blog/2022-04-15-security-alert-stolen-oauth-user-tokens/
    https://thestack.technology/heroku-outage-github-breach/?amp
    https://status.heroku.com/incidents/2413
    https://news.microsoft.com/announcement/microsoft-acquires-github/
    • Auto
    • Finance
    • Home
    • Misc
    • All