Sunday, March 30, 2025
HomeData BreachDocker Hub Hacked - Hackers Gained Access to 190,000 Users Accounts

Docker Hub Hacked – Hackers Gained Access to 190,000 Users Accounts

Published on

SIEM as a Service

Follow Us on Google News

Docker Hub Hacked, sensitive data more than 190,000 accounts may have exposed. Docker Hub discovered the unauthorized access to a single Hub database On Thursday, April 25th, 2019.

Docker hub is the cloud repository which allows users to create a test, store and distribute container images. It also allows you to download the docker images built by other communities.

Docker started notifying users about the security incident. It was unclear how the hackers gained unauthorized access to a single database.

According to the companies official statement, “we’ve learned unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users).”

The accessed data includes usernames, passwords, Github and Bitbucket tokens for Docker auto builds. Dockers confirm that only non-financial user data is affected.

Docker recommends users to change their password and for shared accounts. All the impacted accounts GitHub tokens and access keys, so the user’s with auto builds are impacted.

Impacted users need to reconnect to the repositories and the users are recommended to check with security logs for any unauthorized access.

“We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place. Our investigation is still ongoing, and we will share more information as it becomes available,” reads breach report.

Last year attacker’s made a way to docker for mining cryptocurrencies. They pushed malicious images to a Docker Hub registry and pulling it from the victim’s system, hackers were able to mine 544.74 Monero.

Also Read

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Wipro Security Breach – Employees’ accounts Hacked Through Advanced Phishing Campaign

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Gamaredon Hackers Weaponize LNK Files to Deliver Remcos Backdoor

Cisco Talos has uncovered an ongoing cyber campaign by the Gamaredon threat actor group,...

“Crocodilus” A New Malware Targeting Android Devices for Full Takeover

Researchers have uncovered a dangerous new mobile banking Trojan dubbed Crocodilus actively targeting financial...

SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging...

Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands

Cybersecurity researchers have discovered a sophisticated phishing-as-a-service (PhaaS) platform, dubbed "Morphing Meerkat," that leverages...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Blacklock Ransomware Infrastructure Breached, Revealing Planned Attacks

Resecurity, a prominent cybersecurity firm, has successfully exploited a vulnerability in the Data Leak...

Massive Data Breach Hits NSW Online Registry: 9,000+ Files Stolen

A major cybersecurity incident has struck the New South Wales court system, as cybercrime...

Four Members of Hacker Group Behind 90 Worldwide Data Breaches Exposed

A recent investigation by Group-IB has shed light on a notorious cybercriminal operating under...