Monday, 29.04.2019 / 12:53
Docker said in a blog post that he detected illegitimate access to a Docker Hub database last Thursday. After that, the site was protected immediately, but the attackers could have access to data of about 190,000 users. This corresponds to about five percent of hub users.
The data that can be touched includes hash usernames and passwords, as well as tokens
for Github and Bitbucket. The financial data would not be stored in this database, Docker stresses.
Endangered users received an email with information, according to Docker. They should change passwords and check their Github or Bitbucket accounts for unusual hits. If you've set up Autobuilds, you should reconnect them to repositories because Docker has disabled previous tokens and access keys for security reasons. (HJM)