Topic: Github.com - mail communication compromised

Offline Derron

Github.com - mail communication compromised
« on: January 12, 2018, 04:31:21 PM »
Just received this on my github-mail-account:

Quote
On Friday, January 5, 2018, Mailgun, a mail service provider we utilize for a small number of services such as support ticket notifications and legacy service hooks, notified us that it had experienced a compromise: http://blog.mailgun.com/mailgun-security-incident-and-important-customer-information/

While GitHub itself has not been compromised, our Security team has carefully investigated this event to ascertain its impact on our users. Our investigation indicates that this event affects a very small portion of the GitHub community. However, in keeping with our belief that user privacy and security are essential, we remain as transparent as possible about events like these. If you are receiving this email, you may have been affected by the Mailgun compromise in one of the following ways:

- An attacker had access to email addresses and subject lines for very limited GitHub user correspondence with GitHub support related to password resets via support@github.com between November 26, 2017 and December 21, 2017. The attacker also had access to the contents of these emails for a narrower period of time. If GitHub Support provided a password reset link to you in direct support correspondence via support@github.com during these time periods, reset your password immediately here: https://github.com/password_reset

- The attacker had access to email addresses and subject lines for limited GitHub.com legacy service hook email notifications between November 5, 2017 and December 21, 2017. The attacker would have also had access to the contents of these notifications for a narrower period of time. These notifications may include commit messages for private repositories, which could include the content of code or other confidential information. Though we do not advise committing credentials or other highly sensitive information to repositories, should your service hook notifications have included sensitive information such as passwords or keys, we advise that you delete or reset those credentials. A very small subset of GitHub repositories use legacy service hooks; more information on webhooks, the newer replacement for service hooks, is available here: https://developer.github.com/webhooks/ More information on legacy service hooks is available here: https://github.com/github/github-services

As noted above, GitHub was not compromised during this event. The attacker only had access to Mailgun and Mailgun logs associated with specific search queries primarily related to cryptocurrency and password resets. This event has been resolved and the attacker no longer has access to any Mailgun resources utilized by GitHub. Please carefully consider the impacts above and act to protect your account or data appropriately as outlined. If you have any questions or concerns about how you may have been impacted, please contact GitHub support at https://github.com/contact and include the reference number below.

Sincerely,
GitHub Security


####referencenumber-removed####

Dunno if all users got this, or only the ones who really might have been affected (I change my password some times in the year - especially if I recognize I forget them too often).

bye
Ron

Offline ENAY

Re: Github.com - mail communication compromised
« Reply #1 on: January 15, 2018, 02:42:51 AM »
I got nothing, thanks for the heads up though.

Offline col

Re: Github.com - mail communication compromised
« Reply #2 on: January 15, 2018, 01:48:47 PM »
I never received anything like that at all. Just the usual monthly bill.
Any bugs in my code are proof of its hand-coded nature.