Technology New York Times Source Code Stolen Using Exposed GitHub...

-

New York Times Source Code Stolen Using Exposed GitHub Token

New York Times Source Code Stolen Using Exposed GitHub Token

The New York Times has confirmed that its internal source code was leaked on 4chan after being stolen from the company’s GitHub repositories in January 2024. BleepingComputer reports: As first seen by VX-Underground, the internal data was leaked on Thursday by an anonymous user who posted a torrent to a 273GB archive containing the stolen data. “Basically all source code belonging to The New York Times Company, 270GB,” reads the 4chan forum post. “There are around 5 thousand repos (out of them less than 30 are additionally encrypted I think), 3.6 million files total, uncompressed tar.”

While BleepingComputer did not download the archive, the threat actor shared a text file containing a complete list of the 6,223 folders stolen from the company’s GitHub repository. The folder names indicate that a wide variety of information was stolen, including IT documentation, infrastructure tools, and source code, allegedly including the viral Wordle game. A ‘readme’ file in the archive states that the threat actor used an exposed GitHub token to access the company’s repositories and steal the data. The company said that the breach of its GitHub account did not affect its internal corporate systems and had no impact on its operations. The Times said in a statement to BleepingComputer: “The underlying event related to yesterday’s posting occurred in January 2024 when a credential to a cloud-based third-party code platform was inadvertently made available. The issue was quickly identified and we took appropriate measures in response at the time. There is no indication of unauthorized access to Times-owned systems nor impact to our operations related to this event. Our security measures include continuous monitoring for anomalous activity.”

Read more of this story at Slashdot.

News for nerds, stuff that matters
Source : https://news.slashdot.org/story/24/06/10/2122214/new-york-times-source-code-stolen-using-exposed-github-token?utm_source=rss1.0mainlinkanon&utm_medium=feed

Latest news

New Solana feature allows crypto transactions on any website

Solana Actions and blockchain links will allow users to create and share transactions via a URL on...

Bybit surpasses Coinbase in market share after Binance's decline

Bybit became the world’s second-largest crypto exchange, while the leading exchange, Binance, has lost some market share...

AssangeDAO member Silke Noa says $37M spent to rescue Assange

Silke Noa calls for detailed accounting from Wau Holland Foundation on the $37M spent on Assange's legal...

Celsius small business creditors demand reimbursement after 35% cut in claims

Two Celsius creditors have filed a motion asking for a second distribution after they allegedly suffered reduced...

German Government Moves Millions in Bitcoin to Exchanges

The German government transferred millions in seized Bitcoin to exchanges Kraken and Coinbase, which could signal plans...

MakerDAO and Sherlock team up for historic $1.35M security audit contest

MakerDAO partners with Sherlock for a record-breaking $1.35 million audit contest, launching on July 8 and ending...
Advertisement

Must read

Bybit surpasses Coinbase in market share after Binance's decline

Bybit became the world’s second-largest crypto exchange,...
Advertisement

You might also likeRELATED
Recommended to you