Docker, the company behind the virtualization tool of the same name, announced that it has suffered a security breach. However, instead of making an official announcement, the company sent an alert to affected customers advising them them to change their passwords check their security logs.
The company said: “During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.”
The company has promised to keep users updated about the situation and assured them that they’ve revoked GitHub tokens and access keys for users with autobuilds that may have been impacted.
It is highly likely that the the attackers were after the access keys that would allow them to access critical code repositories and inject malicious code in auto-built containers.