A GitHub account belonging to Canonical Ltd., the maker of Ubuntu Linux, was hacked over the weekend as a hacker created new repositories in the process.

The hack took place on Saturday via compromised credentials. The hacker created 11 new repositories with names such as “CAN_GOT_HAXXD_2” and “CAN_GOT_HAXXD_4.”

The Ubuntu Security team confirmed the attack, saying on Twitter that the compromised credentials were “used to create repositories and issues among other activities,” without specifying what the other activities were.

“Canonical has removed the compromised account from the Canonical organization in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected,” the team said.

Emphasizing that the software itself was always safe, the team added that “the Launchpad infrastructure where the Ubuntu distribution is built and maintained is disconnected from GitHub and there is also no indication that it has been affected.”

Exactly who was behind the hack or their intent remains unclear, although given the names of the repositories created it may have been nothing more than an online defacement. Canonical is promising to post updates following an investigation and audit into the incident.

Ouch https://t.co/eBqW0TJHTV #Ubuntu #Canonical #sécurité pic.twitter.com/KYPVFO5G7U

— Damien Clauzel (@dclauzel) July 6, 2019

The isn’t the first time GitHub accounts have been hacked recently. In May it was reported that someone was hacking GitHub repositories and holding code for ransom. A sort of variation on ransomware but without the encryption of files, the hack enabled attackers to gain access to GitHub accounts, delete data and then demand a ransom payment in return for the deleted data.

The official Ubuntu forum was hacked in June with some 2 million user names and passwords stolen. It’s not impossible that a Canonical employee may have been using the same credentials on the GitHub account used on the Ubuntu forum.

Image: Pixabay