GitHub confirms breach affecting thousands of internal repositories

Microsoft-owned GitHub confirmed on Wednesday that attackers exfiltrated data from roughly 3,800 internal repositories after a poisoned Visual Studio Code extension compromised an employee device.

This incident marks the latest in a series of software supply chain attacks linked to the hacking group TeamPCP.

The group claimed on Tuesday to have stolen source code and internal organisational data from about 4,000 repositories and offered the material for sale on a cybercrime forum for at least $50,000. GitHub said the attackers’ estimate was “directionally consistent” with its own investigation and stated that the activity appeared limited to internal repositories.

GitHub said it had “no evidence of impact to customer information stored outside of GitHub’s internal repositories”, including enterprise or customer-hosted repositories. The Microsoft-owned platform said it had rotated critical secrets and credentials, isolated the compromised endpoint and continued analysing logs for follow-on activity.

In a statement cited by Cyber Security News, GitHub said: “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only.” The company added: “We continue to analyse logs, validate secret rotation, and monitor for any follow-on activity.”

Ilkka Turunen, Field CTO at Sonatype, said the incident reflects the growing targeting of developers in supply chain attacks. “This is another reminder that developers are now permanent targets in software supply chain attacks. TeamPCP has shown how a motivated attacker can move through the tools developers trust every day – open source packages, extensions, accounts and credentials – rather than trying to break in through the front door.”

TeamPCP has been linked to a series of attacks targeting open-source projects and developer infrastructure during 2026, including incidents affecting TanStack, Bitwarden CLI and Checkmarx. Malicious versions of Microsoft’s durabletask Python package have also recently been distributed with credential-stealing malware capable of spreading across AWS and Kubernetes environments.

GitHub said it would publish a fuller incident report once its investigation is complete.