Canonical Ltd.'s GitHub account, which is distributing Ubuntu Linux, was hacked on Saturday 6 July.
"We can confirm that on 2019-07-06 there was a hacked account on GitHub, whose credentials were used to create repositories and themes among other activities," said the Ubuntu distribution security team.
Canonical has removed the compromised account from GitHub and is still investigating its extent infringements, but there is no indication at this time that source code or PII was affected.
In addition, the Launchpad infrastructure, in which Ubuntu distribution is being deployed and maintained, has been disconnected from GitHub and there is no evidence that it has been compromised.
The Ubuntu Security Team said it plans to publish a public update when it finishes its investigation of the incident, and after carrying out more checks.
According a mirror of the hacked account the Canonical account, the hacker created 11 new GitHub repositories on Canonical's official channel. All new repositories were empty.
Two days prior to the incident, the Bad Packets electronic security services company detected online scans for Git settings files. Such files can often contain Git account credentials, such as those used for code management at GitHub.com.
This weekend security incident is not the first thing the company is experiencing.
Recall that the official Ubuntu forums were violated on three different occasions - in July 2013, the July of 2016 and in December of 2016.
The hackers had the details of 1,82 million users stolen in the July 2013 breach, the details of two million users in July 2016, while in December 2016 it took place deface on the forum.
Do you use Ubuntu? Try the real thing
____________________
- Bootable Windows PE recovery discs that will store your system
- Updates for Samsung scams for 10 millions of users
- Microsoft may close your account after two years of inactivity, unless ..
