GitHub detected and contained a breach via a poisoned VS Code extension on an employee device, leading to unauthorized access to internal repositories.
Key Takeaways
Attack vector was a malicious VS Code extension installed on an employee device; GitHub removed the compromised extension version.
GitHub is sharing active investigation details, suggesting the incident is recent and response is ongoing.
Internal repositories were accessed; the scope of data exposure is not yet fully disclosed in the available statement.
Hacker News Comment Review
Commenters report 3,800 internal repos were exposed, a detail that is not in GitHub’s official statement and should be treated as unverified.
Discussion is early and thin; no technical consensus yet on supply chain implications or attacker identity.
Notable Comments
@claaams: Claims 3,800 internal repos exposed – unverified but the most specific data point in the thread.