"Attackers breached Docker Hub, grabbed keys and tokens"

Docker, the company behind a popular virtualization tool, discovered that it had been breached by hackers.  On Thursday, April 25th, 2019, the company discovered unauthorized access to a single Hub database storing a subset of non-financial user data.  190,000 accounts may have been exposed due to this breach. Data breached includes usernames, hashed passwords, and Github and Bitbucket tokens for Docker autobuilds. The attackers were most likely after the tokens and access keys, which then will allow them to access companies’ critical code repositories and inject malicious code in auto-built containers. This breach in tokens also can affect companies that do not use Docker Hub, but whose developers might have used Docker with GitHub integration.  

HELPNETSECURITY reports: "Attackers breached Docker Hub, grabbed keys and tokens"

Submitted by Anonymous on