Personal Access Tokens Leaked
Access to Private Repositories Compromised

The police have launched an investigation after access credentials for software development platforms, used by domestic and international companies and developers, were leaked. Authorities have also distributed a security advisory to prevent additional hacking incidents.


On July 14, the National Investigation Headquarters of the Korean National Police Agency announced that they had confirmed a significant number of GitHub account access credentials had been leaked externally, and would distribute a security advisory including emergency security measures and recommendations. GitHub, operated by Microsoft, is a software development platform used by developers and others to store and manage source code.


National Investigation Headquarters Probes 'Software Development Platform' GitHub Access Credential Leak View original image

The leaked information concerns GitHub's "Personal Access Tokens (PAT)," which are authentication tools used by users to access GitHub's private repositories. The National Investigation Headquarters warned that if attackers steal these tokens and access the victim's repository, they could obtain information necessary to enter systems, and potentially use that information to infiltrate major personal or corporate systems and steal sensitive data such as personal information or corporate secrets.


All companies and individuals using GitHub private repositories must check for unauthorized access and determine whether any breaches have occurred as a result of the credential leak. Any previously issued PATs must be immediately revoked and reissued.


To prevent further hacking damage, security protocols that must be followed include: enabling, minimizing, and segmenting multi-factor authentication for access credentials; prohibiting the inclusion of major system access information within source code; and performing thorough security checks on developer PCs.


The police are continuing to investigate the GitHub access credential leak and have notified affected PAT users and GitHub to implement security measures. GitHub has informed police that it has carried out security actions such as "revoking leaked PATs and issuing alerts to users of compromised PATs." In addition, the police have stated their intention to quickly share any newly identified threat information with relevant agencies and companies, and to further strengthen cyberattack response capabilities.



Park Woo-hyun, Director of Cyber Investigation at the Korean National Police Agency, said, "This is a case of detecting attacks targeting not only companies' information network infrastructure but also their development platforms. Prompt security measures by companies and individual developers are absolutely essential," adding, "If anyone experiences a crime or discovers any suspicious signs, please report it immediately."


This content was produced with the assistance of AI translation services.

© The Asia Business Daily. All rights reserved. Unauthorized AI training and use prohibited.

Today’s Briefing