According to a report by Motherboard published April 27, 2019, software tools development firm Docker’s database was recently breached by hackers who might have stolen sensitive data from around 190,000 of the company’s clients.
Hackers Run Away with Sensitive Data
Despite the abundance of strong anti-theft and cyber-security solutions, instances of data breaches are increasing at an alarming rate. This was evident in a recent case where software firm Docker said that hackers had gained access to one of its Docker Hub databases potentially stealing sensitive data from more than 190,000 accounts.
Security experts told Motherboard that in a worst-case scenario, the hackers might have got access to proprietary source code from some of the compromised accounts. Notably, Docker offers its developers software packages called “containers” that consist of various scripts that aid them in developing desired programs.
Interestingly, these containers are used by some of the largest tech companies. However, it is not yet known that to what extent hackers were able to pierce through Dockers’ databases and which companies’ accounts were compromised.
On April 26, 2019, Docker disclosed the security breach to customers and users of Docker Hub – the company’s cloud-based enterprise-grade service. Per the email, the stolen data includes “usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker auto builds.”
Although Docker is keeping a close tab on the attack, security researchers fear that hackers might have run away with access keys and tokens which could enable them to inject the virus into Docker’s software auto built turning the whole situation “catastrophically bad.”
Tech Giants Worried
Docker boasts of an impressive clientele which includes the likes of PayPal, Atlassian, and Splunk. Further, many developers at Google and Facebook are also frequent users of Docker.
Jeremy Galloway, a security researcher at Atlassian, told Motherboard in an online chat:
“Although the breach only exposed 190,000 users, the tokens and keys exposed are routinely used for auto-building critical software for companies and for accessing their private code repositories.”
“It’s likely that attackers compromised Docker Hub simply as a means to an end to gain access to hundreds or thousands of other sensitive targets.”
Experts believe that hackers could also use the stolen keys to bypass two-factor authorization (2FA) to access the code repository on GitHub.
For the time being, Docker has urged the affected users to reset their passwords. It has also revoked their GitHub access keys and tokens.