The GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution, was hacked on Saturday, July 6.
"We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities," the Ubuntu security team said in a statement.
"Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected," it said.
"Furthermore, the Launchpad infrastructure where the Ubuntu distribution is built and maintained is disconnected from GitHub and there is also no indication that it has been affected."
The Ubuntu security team said it plans to publish another public update once it finishes its investigation into the incident, and after it carries out an audit and carries out any other needed remediations.
Two days before the incident, cyber-security firm Bad Packets detected internet-wide scans for Git configuration files. Such files can often contain credentials for Git accounts, like the ones used to manage code on GitHub.com.
Canonical hacked in the past, loads of times
This weekend's Canonical security incident is not the first one through which the company goes through.
Currently, this weekend's incident appears to be benign. If the hacker had added malicious code to Canonical projects, then he wouldn't have drawn attention to himself by creating new repositories in the Canonical GitHub account.
10 super sweet laptops that come with Linux pre-installed