An unauthorized access to a database was discovered by the Docker Hub that exposed sensitive data of more than 190,000 account holders.
The exposed informations include username, hashed passwords, tokens for GitHub and Bitbucket repositories.
The company started emailing its customers about the security breach soon after the breach took place. However, it is unclear how hackers got a hold over a single database.
“On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data,” said Kent Lamb, Director of Docker Support.
Docker is recommending all its users to change their password. All the impacted accounts GitHub tokens and access keys, so the user’s with auto builds are impacted.
Docker hub is the cloud repository of images created by users, and it could be downloaded by other users or images created by other communities.
“We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place. Our investigation is still ongoing, and we will share more information as it becomes available,” reads breach report.