Algo v0.31
Substrate
technology

GitHub Reports Breach of 3,800 Internal Repositories

GitHub confirmed a breach that affected around 3,800 internal code repositories. The company stated it found no evidence that customer data stored outside those repositories was accessed.

TechCrunch
1 source·May 20, 1:25 PM(9 days ago)·1m read|
GitHub Reports Breach of 3,800 Internal Repositorieskoreatimes.co.kr
Audio version
Tap play to generate a narrated version.
Developing·Limited corroboration so far. This page will refresh as more sources emerge.

GitHub confirmed that attackers stole data from around 3,800 internal code repositories. The company said it detected the compromise through an employee device that had been infected by a poisoned Visual Studio Code extension. GitHub stated it has no evidence that customer information stored outside its internal repositories was affected. The company added that its investigation remains ongoing.

The company did not name the compromised extension.

GitHub also did not respond to questions about whether it had received any communication from the attackers, including possible ransom demands. The Record and Bleeping Computer reported that a hacking group called TeamPCP claimed responsibility for the breach and is selling the stolen data on a cybercrime forum.

TeamPCP previously claimed credit for a breach at the European Commission that resulted in the theft of more than 90 gigabytes of data. The group had stolen cloud credentials during an earlier attack on Trivy, a vulnerability scanning tool. OpenAI was also targeted in a separate incident involving malware pushed through Tanstack, a platform used by web developers.

Key Facts

3,800 repositories
number of internal GitHub code repositories accessed
Employee device
initial compromise vector via poisoned VS Code extension
TeamPCP
hacking group that claimed responsibility for the breach
cybersecuritydata-breachgithub

Potential Impact

  1. 01

    GitHub continues its investigation into the scope of the data theft.

  2. 02

    Stolen internal repository data is being offered for sale on cybercrime forums.

Transparency Panel

Sources cross-referenced1
Confidence score75%
Synthesized bySubstrate AI
Word count178 words
PublishedMay 20, 2026, 1:25 PM
Bias signals removed1 across 1 outlet
Signal Breakdown
Speculative 1
Original Sources
TechCrunchGitHub says hackers stole data from thousands of internal repositories

Related Stories

World Urban Forum 2026 Draws 57,000 Participants from 176 CountriesEuronews
technology3 hrs agoDeveloping

World Urban Forum 2026 Draws 57,000 Participants from 176 Countries

The 13th World Urban Forum concluded with discussions on housing, climate resilience and urban governance. Organisers reported that the sessions informed future strategic priorities.

Euronews
1 source
Trump Mobile website still lists T1 phone as American-madetheverge.com
technology3 hrs agoDeveloping

Trump Mobile website still lists T1 phone as American-made

The product page for the T1 phone continues to describe the device as American-made. The Verge reported that the site may conflict with FTC advertising rules. The phone was announced in June 2025.

The Verge
1 source
EU Discusses Readiness for Artificial Intelligence ChangesFrance 24
ai3 hrs agoDeveloping

EU Discusses Readiness for Artificial Intelligence Changes

A France 24 program examined whether European Union policies can address the effects of artificial intelligence. The discussion covered potential impacts across daily life and economic sectors.

France 24
1 source