GitHub account of Canonical compromised, but Ubuntu source code safe

1 Mins read
GitHub account

The GitHub account of Ubuntu distributor, Canonical Ltd. was hacked on Saturday, July 6.

The identity of hackers is yet to be discovered, but they gained access to the credentials of the GitHub account and then created eleven temporary empty repositories. These repos were created under the name “CAN_GOT_HAXXD”.

“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities,” confirmed Ubuntu Security team on Twitter.

The Ubuntu security team also confirmed that there are no signs of changes in the source code or any personal information (PII) hosted. The company is still investigating the extent of the breach. The compromised account of Canonical has now been removed.

“Furthermore, the Launchpad infrastructure where the Ubuntu distribution is built and maintained is disconnected from GitHub and there is also no indication that it has been affected,” it added.

Ubuntu has promised to update more information on the incident as soon as the investigation, audit and remediations are finished.

A similar incident happened last year around the same time of the year when an official GitHub account from the Gentoo organization was hacked. In the year 2016, a group of people hacked the most-popular, Linux Mint website as well.

READ NEXT: Ubuntu 19.04 released with focus on open infrastructure, developer desktop, and IoT

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

× eight = 56