GitHub Disclose Security Breach, Code Signing Certificates Stolen

GitHub issued a warning about unauthorized access to its set of repositories used in the planning and development of GitHub Desktop and Atom. In this hacking incident, unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications.

However, GitHub confirmed that GitHub.com services were not affected by the incident that took place back in December. 

Regarding the security breach, GitHub's Alexis Wales said, 

"On December 6, 2022, repositories from our atom, desktop, and other deprecated Github-owned organizations were cloned by a compromised Personal Access Token (PAT) associated with a machine account,". 

"A set of encrypted code signing certificates were exfiltrated; however, the certificates were password-protected and we have no evidence of malicious use. As a preventative measure, we will revoke the exposed certificates used for the GitHub Desktop and Atom applications. Revoking these certificates will invalidate some versions of GitHub Desktop for Mac and Atom. "GitHub further added.

Users are being advised to ensure that they install the latest updates for the affected software, which are as follows -

GitHub Desktop for Mac: 3.1.2, 3.1.1, 3.1.0, 3.0.8, 3.0.7, 3.0.6, 3.0.5, 3.0.4, 3.0.3

GitHub Desktop for Windows: 1.63.1, 1.63.0

With the attackers having stolen code signing certificates, GitHub is revoking three certificates for the above versions of Atom and GitHub Desktop on February 2, so users should update before this date.