Hi everyone,
I wanted to share a recent security story as a reminder of how important it is to protect our code, accounts, and credentials—especially for those working in development.
A reported incident involving GitHub claims that a threat actor accessed thousands of internal repositories and is attempting to sell the data. While details are still being confirmed, the situation highlights how valuable and targeted source code environments are.
Reference:
GitHub Hacker Claims Security Breach Involved About 4,000 Internal Repositories
For all staff:
- Be cautious with links, downloads, and unexpected access requests
- Avoid sharing sensitive information through email, chat, or unsecured tools
- Report anything suspicious to IT immediately
For developers (important): Please take extra care with the following:
- Never store credentials in code (API keys, tokens, passwords, etc.)
- Use approved credential management methods and environment variables
- Ensure your GitHub access is secured (MFA enabled, strong password)
- Be mindful of repository visibility and permissions
- Double-check before pushing code to confirm no sensitive data is included
- Be cautious when installing IDE extensions or developer tools
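One way to automate the "double-check before pushing" step is to scan only the lines a change adds for values that look like hard-coded credentials. The sketch below is an added example, not part of the original notice or any ACORD tooling; the patterns, the `scan_diff` name and the sample diff are assumptions made for illustration.

```python
import re

# Illustrative patterns only (assumptions, not an exhaustive or official rule set).
PATTERNS = {
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "hardcoded_secret": re.compile(
        r"""(?i)(?:api[_-]?key|token|secret|passw(?:or)?d)\w*\s*[:=]\s*["']([^"']{8,})["']"""
    ),
}
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample diff; every value in it is fake.
SAMPLE_DIFF = """\
diff --git a/app/config.py b/app/config.py
--- a/app/config.py
+++ b/app/config.py
@@ -1,3 +1,5 @@
 import os
-DEBUG = True
+DEBUG = False
+API_KEY = "sk_test_CONSTRUCTED_0000000000"
+GITHUB_TOKEN = os.environ["GITHUB_TOKEN"]
 TIMEOUT = 30
diff --git a/deploy.sh b/deploy.sh
--- a/deploy.sh
+++ b/deploy.sh
@@ -10,2 +10,3 @@
 set -e
+curl -H "Authorization: token ghp_EXAMPLEEXAMPLEEXAMPLEEXAMPLEEXAMPLE0" "$URL"
 ./run.sh
"""

def scan_diff(diff_text):
    """Return (path, new_line_no, rule) for each added line that looks like a credential."""
    findings, path, line_no = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):            # new-file header: remember the path
            path = re.sub(r"^b/", "", line[4:])
        elif (m := HUNK.match(line)):          # hunk header: reset the new-file line counter
            line_no = int(m.group(1))
        elif line.startswith("+"):             # added line: the only kind that is scanned
            rule = next((r for r, rx in PATTERNS.items() if rx.search(line[1:])), None)
            if rule:
                findings.append((path, line_no, rule))
            line_no += 1
        elif line.startswith(" "):             # context line advances the counter;
            line_no += 1                       # "-" lines are removals and do not
    return findings
```

In a pre-commit or pre-push hook, the output of `git diff --cached` can be passed to `scan_diff`; a non-empty result is the cue to move the value into an approved credential store or environment variable before the change leaves the workstation.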
These types of incidents are often preventable when strong security practices are followed consistently.
If you have any questions or want a quick review of secure development practices, feel free to reach out to the ACORD Help Desk at helpdesk@acord.org.