Tech

Someone Claims to Have Hacked Microsoft’s GitHub Account

By Bill Toulas / May 7, 2020

According to recent reports, an anonymous hacker claims to have taken over the GitHub account of Microsoft, gaining full access to all of the software company’s private repositories, and stealing 500 GB of data in the process. The nickname used by the hacker is “Shiny Hunters,” and he contacted Bleeping Computer him/herself to inform the medium of the security incident. The person provided screenshots to prove the data breach, although this is still not concrete proof of the claims made. “Under the Breach” claimed that the data appears to be real, but an MS employee has called the story bullshit. As he wrote, Microsoft has a policy of making GitHub repositories public within a month, so the person is merely presenting these as the products of a successful hacking attack.

https://twitter.com/samsmithnz/status/1258174191834222594

More specifically, the data that was presented seems to contain Office, Windows, API, and Azure source code. All in all, this data would be highly valuable, and its leaking would be catastrophic for Microsoft. The hacker only offered a 1 GB teaser of the data, which contains Chinese text and references to “latelee.org,” which reduces the chances of this being real. Bleeping Computer received another sample, containing an ebook, general stuff, code samples, and things that don’t seem to be of any worth. The sample dates from March 28, 2020, which could be the date of the breach, if that ever happened.

data sample

Source: Bleeping Computer

Still, the person behind Shiny Hunters states that the breach is real and that he/she was previously planning to sell it. Now, the plan is to leak it online for free to everyone, so I guess this was just a teaser aiming to achieve something in the meantime. We cannot speculate on the reason why the person would opt to delay the leak, but this is only adding further to the scenario that this whole story is made up.

screenshot

Source: Bleeping Computer

Microsoft, which also happens to be the owner of GitHub since 2018, hasn’t published an official statement on the hacker’s claims yet. Maybe they have approached the hacker and are in the process of negotiating, and perhaps this is what the person was hoping to achieve by leaking “worthless” samples to the public. Whatever the case, we will have to wait and see now as we are bound to see developments in this story soon.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: