Sunday, September 8, 2024
HomeData BreachDocker Hub Hacked - Hackers Gained Access to 190,000 Users Accounts

Docker Hub Hacked – Hackers Gained Access to 190,000 Users Accounts

Published on

Docker Hub Hacked, sensitive data more than 190,000 accounts may have exposed. Docker Hub discovered the unauthorized access to a single Hub database On Thursday, April 25th, 2019.

Docker hub is the cloud repository which allows users to create a test, store and distribute container images. It also allows you to download the docker images built by other communities.

Docker started notifying users about the security incident. It was unclear how the hackers gained unauthorized access to a single database.

- Advertisement - EHA

According to the companies official statement, “we’ve learned unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users).”

The accessed data includes usernames, passwords, Github and Bitbucket tokens for Docker auto builds. Dockers confirm that only non-financial user data is affected.

Docker recommends users to change their password and for shared accounts. All the impacted accounts GitHub tokens and access keys, so the user’s with auto builds are impacted.

Impacted users need to reconnect to the repositories and the users are recommended to check with security logs for any unauthorized access.

“We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place. Our investigation is still ongoing, and we will share more information as it becomes available,” reads breach report.

Last year attacker’s made a way to docker for mining cryptocurrencies. They pushed malicious images to a Docker Hub registry and pulling it from the victim’s system, hackers were able to mine 544.74 Monero.

Also Read

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

Wipro Security Breach – Employees’ accounts Hacked Through Advanced Phishing Campaign

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Verkada Pay $2.95 Million Failed To Secure Data Lead To Massive Breach

The FTC has ordered Verkada to implement a comprehensive information security program to address...

New ManticoraLoader – Malware Attacking Citrix Users To Steal Data

Cyble Research & Intelligence Labs has recently found information about a new type of...

TDECU MOVEit Data Breach, 500,000+ members’ Personal Data Exposed

Texas Dow Employees Credit Union (TDECU) has disclosed that the personal information of over...