← all stories other 4 sources · May 20

GitHub Investigates Unauthorized Access to Internal Repositories

The breach of GitHub's internal repositories, a platform central to software development including game development and distribution, raises concerns about supply chain security and the potential exposure of proprietary code used by millions of developers.

Reporting from 4 sources: ASCII.jp, GameBusiness.jp, Inside, Game Spark.

GitHub Investigates Unauthorized Access to Internal Repositories

On May 20, 2026, GitHub announced it is investigating unauthorized access to its internal repositories after detecting a breach on an employee device on May 19. The company stated on its official X account that the breach involved a Visual Studio Code extension, which was immediately removed. GitHub confirmed data exfiltration from its internal repositories and said the attacker's claim of approximately 3,800 repositories being stolen is largely consistent with its investigation findings. The hacker group TeamPCP, active on the dark web, is believed to be behind the incident. According to The Hacker News, TeamPCP offered GitHub's source code for sale at over $50,000, stating they are not interested in extorting GitHub and will release the data for free if no buyer is found. GitHub said critical sensitive information has been updated, with the most impactful credentials updated first. The company has not found evidence that customer information stored outside internal repositories was affected, and it is monitoring for follow-up activity. GitHub plans to publish a detailed report once the investigation is complete.

The breach was detected on May 19 and contained the same day, according to GitHub's official statement on X. The company said it immediately removed the Visual Studio Code extension involved and initiated an incident response. GitHub stated that critical sensitive information has been updated as of May 20, with the most impactful credentials updated first. The company is continuously analyzing and monitoring logs and plans to take additional measures based on the investigation.

The hacker group TeamPCP, active on the dark web, is believed to be behind the breach. According to The Hacker News, TeamPCP offered GitHub's source code for sale at over $50,000, stating, "This is not a typical ransom demand. We are not interested in extorting GitHub. If there is one buyer, we will delete the data on our side. Our retirement seems imminent, so if no buyer is found, we will release it for free." An ITmedia article reported that the group claimed on the dark web to have stolen approximately 4,000 internal repositories from GitHub, a number slightly higher than the 3,800 GitHub said is consistent with its findings.

Game Spark and Inside noted that GitHub is widely used in game development and distribution, with personal game distributions often carried out via the platform. Both outlets said the incident could impact the game industry depending on the extent of the damage, but noted that only internal data exfiltration has been confirmed so far, with no evidence of impact on customer information.

Synthesized by Yomimono from the 4 cited sources below, including Japanese-language reporting where cited, then editorially reviewed before publishing.

GitHub Investigates Unauthorized Access to Internal Repositories

More on this

Sources