{
	"id": "ce63c2a7-c3c5-4909-976f-689d28a4f26a",
	"created_at": "2026-04-06T00:21:52.780001Z",
	"updated_at": "2026-04-10T13:11:46.413306Z",
	"deleted_at": null,
	"sha1_hash": "d86584d8c5e63199437d99e8d0c9cfc8b0ab1199",
	"title": "Microsoft's GitHub account hacked, private repositories stolen",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1398443,
	"plain_text": "Microsoft's GitHub account hacked, private repositories stolen\r\nBy Lawrence Abrams\r\nPublished: 2020-05-07 · Archived: 2026-04-05 19:24:33 UTC\r\nA hacker claims to have stolen over 500GB of data from Microsoft's private GitHub repositories, BleepingComputer has\r\nlearned.\r\nThis evening, a hacker going by the name Shiny Hunters contacted BleepingComputer to tell us they had hacked into the\r\nMicrosoft GitHub account, gaining full access to the software giant's 'Private' repositories.\r\nActor's proof of access to Microsoft's private GitHub repos\r\nThe individual told us that they then downloaded 500GB of private projects and initially planned on selling it, but has now\r\ndecided to leak it for free\r\nhttps://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nBased on the file stamps in full directory listing of the leaked files, the breach may have occurred on March 28th, 2020.\r\nLeaked data listing showing the breach date\r\nShiny Hunters told BleepingComputer that they no longer have access to Microsofts GitHub account.\r\nPrivate repositories leaked\r\nAs a teaser, the hacker offered 1GB of files on a hacker forum for registered members to use site 'credits' to gain access to\r\nthe leaked data.\r\nAs some of the leaked files contain Chinese text or references to latelee.org, other threat actors on the forum do not feel that\r\nthe data is real.\r\nBased on the full directory listing of the stolen data and and source code from private repositories that was sent to\r\nBleepingComputer by the hacker, the stolen files appear to be mostly code samples, test projects, an eBook, and other\r\ngeneric items.\r\nSome private repositories look a bit more interesting such as ones named some 'wssd cloud agent', a The Rust/WinRT\r\nlanguage projection', and a 'PowerSweep' PowerShell project.\r\nOverall, from what was shared, there does not appear to be anything significant for Microsoft to worry about, as it did not\r\ncontain more sensitive code for software like Windows or Office.\r\nCyber intelligence firm Under the Breach, who also saw the leak on the hacker forum, shares BleepingComputer's opinion\r\nthat there is not much to worry about.\r\nThey did express concern that private API keys or passwords could have accidentally been left behind in some of the private\r\nrepositories like other developers have done in the past.\r\nhttps://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nPage 3 of 5\n\nSince publishing this story, a Microsoft employee who wished to remain anonymous has told BleepingComputer that the\r\nstolen data is legitimate.\r\nOther employees who had previously denounced the leak as fake, have since deleted their tweets.\r\nMicrosoft has told BleepingComputer that they are \"aware of these claims and are investigating.\"\r\nUpdate 5/8/20: Updated to include info that the breach was confirmed as legitimate by MS employee and statement from\r\nMicrosoft.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nhttps://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nPage 4 of 5\n\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nhttps://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/"
	],
	"report_names": [
		"microsofts-github-account-hacked-private-repositories-stolen"
	],
	"threat_actors": [],
	"ts_created_at": 1775434912,
	"ts_updated_at": 1775826706,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d86584d8c5e63199437d99e8d0c9cfc8b0ab1199.pdf",
		"text": "https://archive.orkl.eu/d86584d8c5e63199437d99e8d0c9cfc8b0ab1199.txt",
		"img": "https://archive.orkl.eu/d86584d8c5e63199437d99e8d0c9cfc8b0ab1199.jpg"
	}
}