It’s something every developer hates to hear:
the B word… Breach.

Especially when it is on a platform they are using day in and day out.

Unfortunately, that’s the reality that many GitHub users woke up to recently. Earlier this year GitHub revealed details about a security breach that allowed an unknown attacker to download data from dozens of private code repositories with two third-party cloud platforms as a service (PaaS) – Heroku and Travis CI – being the targets.

“Our analysis of other behavior by the threat actor suggests that the actors may be mining the downloaded private repository contents …. for secrets that could be used to pivot [attacks] into other infrastructure,” GitHub warned in a blog post.

With the amount of time between identification of the breach, understanding the extent of impacted repos/customers, notification and remediation, attackers may have been able to rapidly expand their reach and carry out a lateral attack.

Let’s explore the details of what happened, and what steps companies can take to protect themselves from similar scenarios.

“Flosum is the best native release management tool that you will fall in love with. I have gained confidence in my role and has given me the ability to view release management from a whole different perspective.”

Faizan Ali
Salesforce Consultant at Turnitin