The New York Times has gotten owned through Github, the repository service that allows you to store data including projects and the like to the cloud.
Say it with me. No exposing private tokens that could give access to my data.
While I don’t run Github, I refuse to sign up even as someone to comment on things as I’m not a programmer and there would be no use for me really there.
It seems like everything that the NY Times had up there could be at risk, although the NY Times says nothing was affected by this breach as they’re running normally.
Again, this goes back to January, and we’re finding out now. Its at least 5 months, since we don’t know in January they were owned.
New York Times source code stolen using exposed GitHub token is the article.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.