On Thursday April 25th 2019 Docker Hub discovered unauthorized access to a single Docker Hub database storing a subset of non-financial user data. Upon discovery, they acted quickly to intervene and secure the site.
For all Docker Hub users, there is no action required to preserve your security. A password reset link has been sent to any users who potentially had their password hash exposed. Users who have autobuilds who have had their GitHub or Bitbucket repositories unlinked will need to relink those repositories.
Details From Docker Hub Website
During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as GitHub and Bitbucket tokens for Docker autobuilds.
- We are asking users to change their password on Docker Hub and any other accounts that shared this password.
- For users with autobuilds that may have been impacted, we have
revoked GitHub tokens and access keys. This means your autobuilds will
fail, and we ask that you reconnect to your repositories and check
security logs to see if any unexpected actions have taken place.
- You may view security actions on your GitHub or BitBucket accounts to verify if any unexpected access has occurred – see https://help.github.com/en/articles/reviewing-your-security-log and https://bitbucket.org/blog/new-audit-logs-give-you-the-who-what-when-and-where
- You may need to unlink and then relink your GitHub and Bitbucket source provider as described in https://docs.docker.com/docker-hub/builds/link-source/
We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place.
Further details – https://success.docker.com/article/docker-hub-user-notification
UK based technology professional, with an interest in computer security and telecoms.