Docker Hub Hacked. Database Exposed Sensitive Data of 190K Users

cyber-gates.png
CYBER GATES

An unauthorized person gained access to a Docker Hub database that exposed sensitive information for approximately 190,000 accounts (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.

Note: GitHub and Bitbucket access tokens stored in Docker Hub allow developers to modify their project's code and have it automatically build, or autobuild, the image on Docker Hub. If a third-party gains access to these tokens, though, it would allow them to gain access to a private repositories code and possibly modify it depending on the permissions stored in the token.

Actions to Take

Share this article

Comments ()

Recommended articles


Instant notifications

Subscribe to our Telegram channel to instantly receieve the latest cybersecurity news, resources and analysis.