Container application repository Docker Hub has admitted that they are the latest victim of a data breach. It affects 190,000 users.
It’s not as big as the 80 million compromised in a mystery data leak/breach, but it is still noteworthy.
Docker Hub is a repository for open source container application repository is admitting that they are the latest victims of a data breach. Here’s an excerpt from eWeek:
Docker is warning of a data breach that impacts some 190,000 users of its Docker Hub repository for container images.
The breach was first reported by Docker late on April 26 in an email sent to Docker Hub users, revealing a data breach that was detected the day before, on April 25. Docker Inc. is the lead commercial sponsor behind the open-source Docker container technology that enables developers to build, package and deploy applications as containers. The Docker Hub is a popular repository for Docker users to find freely available Docker application images to run.
“During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users),” Kent Lamb, director of Docker Support, wrote in an email sent to Docker Hub users. “Data includes usernames and hashed passwords for a small percentage of these users, as well as GitHub and Bitbucket tokens for Docker autobuilds.”
Obviously, those impacted should change their passwords. If that password was re-used in any other service, that password should be changed as well.
Probably the only good news to come out of this is the fact that it could have been a whole lot worse. Still, it’s never good when someone manages to gain unauthorized access to user account information.
Drew Wilson on Twitter: @icecube85 and Facebook.