A hacker claims to have stolen over 500GB of data from Microsoft's private GitHub repositories, BleepingComputer has learned.
This evening, a hacker going by the name Shiny Hunters contacted BleepingComputer to tell us they had hacked into the Microsoft GitHub account, gaining full access to the software giant's 'Private' repositories.
Actor's proof of access to Microsoft's private GitHub repos
The individual told us that they then downloaded 500GB of private projects and initially planned on selling it, but has now decided to leak it for free
Based on the file stamps in the leaked files, the breach may have occurred on March 28th, 2020.
Leaked data listing showing the breach date
Shiny Hunters told BleepingComputer he no longer has access to the account.
Private repositories leaked
As a teaser, the hacker offered 1GB of files on a hacker forum for registered members to use site 'credits' to gain access to the leaked data.
As some of the leaked files contain Chinese text or references to latelee.org or Chinese text, other threat actors on the forum do not feel that the data is real.
In a directory listing and samples of other private repositories sent to BleepingComputer, the stolen data appears to be mostly code samples, test projects, an eBook, and other generic items.
Some private repositories look a bit more interesting such as ones named some 'wssd cloud agent', a The Rust/WinRT language projection', and a 'PowerSweep' PowerShell project.
Overall, from what was shared, there does not appear to be anything significant for Microsoft to worry about, such as Windows or Office source code.
Cyber intelligence firm Under the Breach, who saw the leak on ..
Support the originator by clicking the read the rest link below.
