![]() ![]() ![]() None of the affected repositories contained customer data. Once detected on December 7, 2022, our team immediately revoked the compromised credentials and began investigating potential impact to customers and internal systems. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised Personal Access Token (PAT) associated with a machine account. To keep using Atom, users will need to download a previous Atom version. ![]() These versions of Atom also will stop working on February 2. There will be no impact to GitHub Desktop for Windows. Please update to the latest version of Desktop. These versions of GitHub Desktop for Mac will stop working on February 2. Revoking these certificates will invalidate some versions of GitHub Desktop for Mac and Atom. As a preventative measure, we will revoke the exposed certificates used for the GitHub Desktop and Atom applications. After a thorough investigation, we have concluded there was no risk to services as a result of this unauthorized access and no unauthorized changes were made to these projects.Ī set of encrypted code signing certificates were exfiltrated however, the certificates were password-protected and we have no evidence of malicious use. On December 7, 2022, GitHub detected unauthorized access to a set of repositories used in the planning and development of GitHub Desktop and Atom. If needed, you can download the latest version of GitHub Desktop from and the latest version of Atom from atom/atom. Februupdate: We have revoked all three certificates: two Digicert code signing certificates used for Windows and one Apple Developer ID certificate. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |