GitHub resets passwords for lazy, reckless users

GitHub resets passwords for lazy, reckless users

Confirming that people who should know better are still reusing passwords, attackers have successfully used login credentials stolen from other sites to access GitHub accounts.

The attackers were attempting to log into GitHub accounts using email addresses and passwords obtained from other online services that have been breached recently, GitHub said in a statement. After the company became aware of a large number of unauthorized attempts, it reset the passwords on affected accounts and began notifying users.

“We immediately began investigating and found that the attacker had been able to log in to a number of GitHub accounts,” the statement said.

To read this article in full or to leave a comment, please click here

Source: Security


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.