Hacker gets access to private GitHub repositories through a Microsoft employee’s account
However, it appears that the hacker did not get access to source code of any significant projects, such as Windows and Office, said the report based on what several Microsoft employees said.
Taking control of a Microsoft employee's GitHub account, a hacker recently got access to some of the company's "private" repositories on GitHub. While some Microsoft engineers initially tried to downplay the incident calling it "a scam", they later retracted their comments after some employees confirmed its partial authenticity, ZDNet reported on Friday.
However, it appears that the hacker did not get access to source code of any significant projects, such as Windows and Office, said the report based on what several Microsoft employees said. The hacker is believed to have acquired around 1,200 private repositories. Even as the intrusion has come to light now, the incident might have taken place in March.The hacker's plans of making some of the stolen projects public on a hacking forum brought the incident to light this week.
A Microsoft spokesperson told ZDNet that the company is investigating the incident. The spokesperson, however, did not elaborate the details. The hacker going by the name Shiny Hunters contacted BleepingComputer on Thursday to tell the outlet they had gained access to over 500GB of data from Microsoft's private GitHub repositories.
According to ZDNet, the hacker behind the incident is the same individual who recently leaked 15 million records from Indonesia's largest online store Tokopedia.