Github, the Microsoft-owned code hosting and sharing giant, has said via official posts on X, that a recent cyber attack resulted in hackers stealing data stored in the platformâs internal repositories. The number of such repositories that hackers gained unauthorised access to, stands at 3800 as of now.
The platform also said that as of now, it has âno evidence of impact to customer information stored outside of GitHubâs internal repositories (such as our customersâ enterprises, organizations, and repositories)â. Github will continue to update in terms of the overall scale of the attack as investigation progresses.
We are investigating unauthorized access to GitHubâs internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHubâs internal repositories (such as our customersâ enterprises, organizations, and repositories), we are closelyâŠ
â GitHub (@github) May 19, 2026
Github hasnât officially confirmed the group behind the attack, though popular tech blog Bleeping Computer reports Team PCP claiming access to nearly 4000 repositories. The report also states that the hack happened due to an employee installing a malicious VS Code extension. Github has since removed the said trojanized extension from the VS Code marketplace and has secured the compromised device.
Hackers have increasingly started targeting and successfully breaching through security of open-source platforms. Team PCP has been notoriously linked to several such recent attacks, including another one on GitHub, and over PyPI, NPM, and Docker.
The Tech Portal is published by Blue Box Media Private Limited. Our investors have no influence over our reporting. Read our full Ownership and Funding Disclosure â
Our Staff writing team.
