
GitHub has confirmed it was hacked, with attackers stealing data from roughly 3,800 of its internal code repositories. The Microsoft-owned developer platform disclosed the incident in posts on X, saying it is still investigating the scope and impact of the breach.
According to GitHub, there is currently “no evidence of impact to customer information stored outside of GitHub’s internal repositories,” though the company stressed that its investigation remains ongoing.
GitHub said it detected and contained a compromise involving an employee device that was infected through a “poisoned” Visual Studio Code (VS Code) extension. VS Code is a widely used code editor, and its ecosystem of extensions is a key part of many developers’ workflows.
The company described the poisoned extension as the initial vector that allowed attackers to access internal systems and exfiltrate data from thousands of internal repositories. GitHub has not yet publicly detailed what specific data was taken from those repositories.
The incident underscores a growing trend in software supply chain attacks, where threat actors target popular open-source tools and extensions to reach large numbers of developers at once. By compromising a widely used component, attackers can potentially infiltrate many downstream systems and projects in a single campaign.
Security outlets The Record and Bleeping Computer report that a hacking group known as TeamPCP has claimed responsibility for the GitHub breach and is attempting to sell the stolen data on a cybercrime forum. GitHub has not commented publicly on the group’s claims or on whether it has received any direct communication from the attackers, such as ransom demands.
TeamPCP has previously taken credit for a breach at the European Commission that led to the theft of more than 90 gigabytes of data from the EU executive’s cloud storage. According to those reports, the group obtained the European Commission’s cloud key during an earlier compromise of Trivy, a vulnerability scanning tool. Attackers reportedly pushed infostealing malware to Trivy’s downstream users, demonstrating how a single compromised tool can cascade into larger institutional breaches.
A similar pattern has emerged in another recent incident involving OpenAI. In that separate case, hackers targeted TanStack, a platform used by web developers, and pushed malicious updates designed to steal passwords and tokens from users. Like the VS Code extension compromise affecting GitHub, the TanStack incident shows how attackers are increasingly focusing on developer tooling as an entry point into high-value environments.
These cases reflect a broader shift in attacker strategy:
- Compromising open-source or widely used developer tools to reach many targets at once.
- Embedding malware in extensions, libraries, or updates that developers trust and routinely install.
- Using stolen credentials, tokens or keys obtained through these tools to move into cloud environments and internal systems.
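One practical consequence of the second pattern above is that an editor's extension inventory becomes a security-relevant asset to monitor. The script below is an added example, not code from the article, from GitHub, or from Microsoft. It relies on one real VS Code CLI behaviour (`code --list-extensions --show-versions` prints one `publisher.name@version` line per installed extension) and compares that output against a previously saved baseline, flagging extensions that were not in the baseline or whose version moved. The baseline format, the finding categories and the sample inventories are assumptions made for this example; the extension versions shown are constructed values.

```python
"""Inventory VS Code extensions and flag anything not in a known baseline.

Hypothetical defender-side check (added example; not the article's or GitHub's
code). The only real-world dependency is the VS Code CLI invocation
`code --list-extensions --show-versions`, which prints one
`publisher.name@version` line per extension. Baseline format, finding kinds
and sample data are assumptions made for this example.
"""
import re
import subprocess
from dataclasses import dataclass

# One line of `code --list-extensions --show-versions` output.
EXTENSION_LINE = re.compile(r"^(?P<id>[^@\s]+\.[^@\s]+)@(?P<version>\S+)$")


def parse_extension_list(text: str) -> dict[str, str]:
    """Map extension id ("publisher.name") to version; skip malformed lines."""
    found: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        match = EXTENSION_LINE.match(line) if line else None
        if match is None:
            continue  # ignore anything that is not publisher.name@version
        # Extension ids are case-insensitive, so normalise before comparing.
        found[match.group("id").lower()] = match.group("version")
    return found


@dataclass(frozen=True)
class Finding:
    extension: str
    kind: str      # "not_in_baseline" or "version_changed"
    detail: str


def diff_against_baseline(installed: dict[str, str],
                          baseline: dict[str, str]) -> list[Finding]:
    """Report extensions that are new relative to the baseline, or whose version moved."""
    findings: list[Finding] = []
    for ext_id, version in sorted(installed.items()):
        if ext_id not in baseline:
            findings.append(Finding(ext_id, "not_in_baseline",
                                    f"installed version {version}"))
        elif baseline[ext_id] != version:
            findings.append(Finding(ext_id, "version_changed",
                                    f"baseline {baseline[ext_id]} -> installed {version}"))
    return findings


def audit_local_machine(baseline_text: str) -> list[Finding]:
    """Run the VS Code CLI on this host and diff the result against a saved baseline."""
    proc = subprocess.run(["code", "--list-extensions", "--show-versions"],
                          capture_output=True, text=True, check=True)
    return diff_against_baseline(parse_extension_list(proc.stdout),
                                 parse_extension_list(baseline_text))


# Constructed sample inventories (not real data): a baseline captured earlier
# and the current state of the same machine. Version numbers are made up.
BASELINE_SNAPSHOT = """\
ms-python.python@2024.4.1
esbenp.prettier-vscode@10.4.0
"""
CURRENT_SNAPSHOT = """\
ms-python.python@2024.4.1
esbenp.prettier-vscode@10.5.0
unknownpub.helper-tools@0.0.3
"""


def demo() -> list[Finding]:
    """Diff the constructed current inventory against the constructed baseline."""
    return diff_against_baseline(parse_extension_list(CURRENT_SNAPSHOT),
                                 parse_extension_list(BASELINE_SNAPSHOT))


if __name__ == "__main__":
    for finding in demo():
        print(f"{finding.kind:16} {finding.extension}: {finding.detail}")
```

Running `demo()` on the constructed data reports a version change for one known extension and an extension that was never in the baseline; `audit_local_machine()` performs the same comparison against a real host. A version bump is not by itself malicious, but on a developer endpoint it is exactly the event a reviewer would want surfaced rather than silently accepted.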
GitHub, a central hub for developers and open-source projects worldwide, is a particularly attractive target in this landscape. Any compromise of its internal systems naturally raises concerns about potential knock-on effects for the broader software ecosystem, even as GitHub says it has not seen evidence that customer data outside its internal repositories was affected.
At the time of publication, GitHub had not responded to questions about the incident beyond its statements on X, including whether it is in contact with TeamPCP or has received any extortion or ransom demands related to the theft.