It’s been a rough couple of weeks for people that use the same password on multiple sites. It really should already be abundantly clear that everybody should use unique, strong passwords for every site they log in to. We are, however, seeing yet another example where that hasn’t been the case. The popular code repository GitHub has reported seeing suspicious behavior, and traced that behavior to an individual attempting to gain access to user accounts.
The activity was first noticed on Tuesday, and it quickly became clear that the attacker was trying to access account using lists of usernames and passwords gleaned from other compromised services that we’ve talked about recently. GitHub did not say exactly how many accounts were accessed, only saying that the attacker was able to get into “a number of GitHub accounts.” Go ahead and count this as your second reminder in this article to go and change any duplicate passwords you may have to something unique. Go ahead and do it now, we’ll still be here when you come back.
The good news is that the site itself was not hacked. The attacker would have had access to the usernames and passwords for the accounts that they had accessed, and in some instances the listings of accessible repositories and organizations could have been retrieved as well.
GitHub has proactively reset the passwords for all affected accounts, and they’re in the process of notifying affected users. They urged users (as we have, and will continue to do) to use strong, unique passwords, and to turn on two-factor authentication wherever possible.
Are you a GitHub user whose account has been compromised? Are you happy with GitHub’s response to this attack? Tell us what you think in the comment section below, or on Google+, Facebook, or Twitter.Source: GitHub