2 comments

[ 3.2 ms ] story [ 18.7 ms ] thread
> Although at this time we have no evidence that the data potentially exfiltrated has been used ...

Throwaway for obvious reasons.

An organization I'm associated with was sent logs by Github showing that all of their private repos were pulled by a TOR endpoint in June 2019 using credentials stolen from Codeship in this breach. The attackers are absolutely using the stolen data.

Hey, there - CodeShip employee here.

I can understand the language ambiguity, but note that there are two posts there. The initial post, focused only on the Github token breach, as well as the updated post expanding the scope.

The line quoted is referring to the scope in the update, not the original Github token breach which we noted originally did in fact mean repos had potentially been compromised.