Another Day another Hack indeed. Information about new hacking incidents pop up almost every day now.
In one new incident, GitHub informed their users that it was going to reset the passwords on several of the accounts on their site because of a compromise and hack that cyber attackers had carried out. They also said that the sites had been compromised because of information that had been leveraged due to credentials which had been leaked from other online services.
The problem is that not many people change their account credentials every time, and they also use the same login credentials on each and every site across the Internet. This made it possible for attackers to get passwords from any other leak, for example, the LinkedIn leak which would give them the information to get into someone else’s account on a different site. According to GitHub, this is what happened to them.
The company alleges that several cyber attackers tried to get into a large number of GitHub.com accounts. The site managed to discover the attempts on Tuesday evening last week and an investigation began which disclosed that the hackers had actually managed to enter into a various number of accounts.
In a statement, GitHub said that all affected accounts had usernames and passwords affected. They also said some other accounts might have had personal information such as accessible repositories and organizations also exposed. All affected users were notified, and passwords of any of the affected accounts were reset. The company also assured clients that its systems had not been compromised in any way.
The company also noted that users were encouraged to practice good hygiene when it came to security and privacy matters. Two-factor authentication system was also encouraged to help better protect accounts. It said that attacks of this kind could evolve, and they were looking at ways they could further investigate and monitor in case of new attacks.
The attacks come a few weeks after the reveal of various hacks on different sites. LeakedSource, a paid search engine site has revealed that attacks on different sites such as LinkedIn have shown in excess of 400 hundred million account details. The list of hacked websites included LinkedIn, MySpace, Tumblr, and VK.
The leaks on these different websites have not only affected GitHub. Facebook, Twitter, Reddit, TeamViewer have all been affected by the leaks.
As always, we here at VPNpick suggest that you practice good password management, given the recent events. Also, never forget a VPN for yourself.