go to sections menu

Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen

Go to Homepage, contents or to navigation menu



Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen

On May 10th 2020: an article entitled Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen was published to bleeping computer and tweeted out. I read the article closely, to determine whether I should talk about this or not.

I have one problem with this article. If it was confirmed to be not harmful, and the actor(s) behind it decided to put it out instead of selling it, why talk about it? From what I’m reading, Microsoft is releasing code after 30 days, so is there a breach here or what? I’m kind of confused about this.

I’m using the same article title on my blog and linking to this article and I’m curious what people think of this. Was there a genuine leak, or is there something else going on?


Informazioni sull'articolo

Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen was released on May 11, 2020 at 11:43 am by tech in article commentary.
Last modified: May 10, 2020.


Comments (3)

  1. Comment by crashmaster date 12 May 2020 alle 10:40 (), Rispondi

    I am not sure how getting access to a site and releasing a bunch of things due for the end of the month to be put out early is that big of a deal myself.
    I mean its a month, its opensource stuff and its free.
    What is an issue is how they got in.
    You may use google and facebook accounts to get into github and github itself is secure and a lot of people especially for opensource communities use it.
    I really hope this is not a push for microsoft to start requiring every user to use a microsoft account for github.
    Github is used by many people globally.
    Its a good thing to have about.
    But since microsoft owns this they could use it as an excuse for their own reasons to do who know what to it.
    Use their own accounts, make people pay for example.
    But you are right these are not trade secrets as such, its stuff that may not be completed.
    At any rate, if I were microsoft, I wouldn’t use private repos if they are that concerned about being hacked.
    Its a fucking opensource platform for god sake!

    If this is true, it will probably mean microsoft will have an excuse to fuck the users about.
    Sure if its true things need to get fixed, but you need an account to get into github.
    Thats quite secure as it is.
    I guess we will see more captchas but really.
    You go that far with security and people may just pull out of github completely and use something like gitlab which is not microsoft run.

  2. Comment by tech date 12 May 2020 alle 11:01 (), Rispondi

    I was unaware that get hub was microsoft based. But thats why I posted this, because I’m unclear if there was really a hack here, or what the deal was. Sure seems suspicious to me.

  3. Comment by crashmaster date 14 May 2020 alle 12:58 (), Rispondi

    Well microsoft owns github now but has chosen to keep it as is.
    That means github is opensource and has its enterprise plans.
    You can login with a github account and a gmail.
    There is no microsoft branding at all.
    As I said I don’t know if you can call a hack of releases of stuff due to be released at the end of a month a big issue.
    But the fact that someone managed to get past all the security and certification is a small concern but not huge.
    Probably something expired or something.
    What I really don’t think we need is a company getting hacked and suddenly going ape at its legally paying or whatever customers.
    While microsoft has some of its activations down pat now.
    Its still basically, lose your key and buy another product at the expensive price.
    There are some ways about that in grey areas to get some licences but there are also alegal ways to.
    Point is, like all this digital rights management while in theory it should protect the copywrite holder its more of a reason people may either pirate or not use your stuff due to the fact its just to hard to get in.

Leave a comment

Message form







go to sections menu


navigation menu

go to sections menu