"GitHub discovered and contained a compromised employee device which included an impacted Microsoft Visual Studio Code extension. The cybercrime group TeamPCP has claimed responsibility for the attack and listed GitHub's source code for $50,000 or more. Approximately 3,800 internal repositories are at risk."
"As the company's internal repositories appear to be the focus of the attack, there is no evidence at this time that customers were impacted. Their enterprises, organizations, and repositories should be safe. However, GitHub is monitoring infrastructure for additional activity and will notify any customers it discovers may have been affected."
"TeamPCP does not appear to be ransoming this data. The group has stated they have no intentions of extorting GitHub, they simply want to sell the data to a single buyer."
GitHub reported an incident involving unauthorized access to internal repositories. The company discovered and contained a compromised employee device that included an impacted Microsoft Visual Studio Code extension. TeamPCP claimed responsibility and listed GitHub’s source code for sale for $50,000 or more. Approximately 3,800 internal repositories are at risk. GitHub stated there is no evidence that customers were impacted and that enterprises, organizations, and repositories should remain safe. GitHub is monitoring for additional activity and will notify customers if any are found to be affected. TeamPCP said it is not ransoming the data and intends to sell it to a single buyer.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]