What is the issue - Docker Hub, the official repository for Docker container image, suffered a data breach compromising sensitive data of almost 190,000 users.
What happened - An unauthorized party gained access to Docker Hub database which led to the compromise of users’ sensitive data.
What data was compromised - The compromised data includes Docker Hub user names, hashed passwords, and Github and Bitbucket tokens used for auto-building Docker container images.
The big picture
On April 25th, 2019, Docker Hub learned that an unauthorized party gained access to a single Docker Hub database which contains a subset of non-financial user data.
“For users with autobuilds that may have been impacted, we have revoked GitHub tokens and access keys, and ask that you reconnect to your repositories and check security logs to see if any unexpected actions have taken place,” Kent Lamb, Director of Docker Support said in the email notification.
Lamb further said that this incident might impact users’ ongoing builds from Docker Hub’s Automated build service, therefore, users must unlink and relink their Github and Bitbucket source provider.
Publisher