Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed

Search

Docker Hub Hack Exposed Over 190,000 Users’ Data

Docker, a company that assists developers and programmers to make software, suffered a data breach that potentially affected around 190,000 user accounts. According to Docker, the breach was discovered on April 25th, 2019 and was immediately investigated. The information that was accessed included usernames, passwords, GitHub and Bitbucket tokens that are used for the auto-building Docker software packages. The stolen access tokens could potentially be used to inject malicious code into auto built software using the Docker systems. While 190,000 breached accounts might seem like a small amount (only 5% of Docker users), but a vast majority are enterprise users–companies like PayPal, Google, and Facebook according to Docker.com. Another risk is that the attackers may be able to bypass two-factor authentication that’s used on the popular code repository site, GitHub. Docker did release a statement on Friday stating that they are asking users to change their passwords and to change the password on any accounts that share the password.

Analyst Notes

All users of Docker should immediately change their login credentials as soon as possible and reconnect the associated GitHub and Bitbucket accounts that are used. As always, the user should enable two-factor authentication wherever possible and make the user’s password more complex. It is never advisable to use common passwords such as “password” or “123456.”