Threat actors have gained access to over 190,000 Docker users’ personal data via a single Docker Hub repository. Docker is a platform that enables developers to develop, deliver, and run applications inside containers. Exposed data includes usernames, hashed passwords, and API tokens which were used by developers with GitHub and Bitbucket. API tokens - an authentication token that replaces a username and password - have also been canceled, forcing users to reconnect manually. Docker has stated that they will “enhance the overall security processes and review policies.” The company does not yet offer multi-factor authentication despite users’ suggestions. The NJCCIC recommends all Docker users change their password and follow recommendations found in the Docker advisory. We also advise those that have an API token to check API logs found on GitHub and BitBucket.

Data BreachNJCCIC