Hackers compromised credentials to break into a Canonical Ltd. GitHub account July 6 and created repositories, but apparently did not lift sensitive information or manipulate any source code.
“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities. Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected,” the Ubuntu security team tweeted.
The team thus far has found “no indication” that the Launchpad infrastructure where Ubuntu distribution is built was affected by the breach, noting that the infrastructure is disconnected from GitHub.
The hackers created 11 new repositories named “CAN_GOT_HAXXD.”