Hacker claims to have breached Microsoft’s GitHub private repos
This evening, a hacker under the name Shiny Hunters claimed to have stolen over 500GB of data from Microsoft’s private GitHub repositories, alleging that the data pertains to sensitive projects. Shiny Hunters claims to have hacked into the company’s database, stealing the information. He stated that although he initially planned on selling the data, he had decided to leak it publicly. However, Shiny Hunters told BleepingComputer that he has lost access to the account.
The hacker published 1GB of files on a forum that requires resisted members to use site credits to obtain access to the data. However, the legitimacy of the information has since been questioned, as some of the files contain Chinese text or references to latelee.org. Other threat actors on the forum also protested the data’s legitimacy. The directory listing of other data sent to BleepingComputer seems to be mostly generic items, however, there are some files that are intriguing with names like “PowerSweep,” “wssd cloud agent,” and “The Rust/WinRT language projection.” The leak does not appear to post a threat to Microsoft at this time after expert analysis.