CONTAINERISATION OUTFIT Docker has fessed up to a breach of its Hub database that exposed the personal information of approximately 190,000 users.
Docker Hub is the default cloud-based registry where Docker implementations look for images and it is used by thousands of developers and companies across the world.
Docker first detected the hack on 25 April and then revealed details of the breach in an email sent to customers and users of Docker Hub.
In the message, the company said that the attackers could have stolen user names and hashed passwords for about 190,000 users - nearly five per cent of Docker Hub's entire userbase. Bitbucket and GitHub access tokens for Docker autobuilds were also exposed during the incident.
Using these tokens, developers can modify their project's code and have the image automatically rebuilt on Docker Hub. An attacker who obtained the tokens could access a private repository's code and, depending on the permissions granted, modify it.
Because Hub images are frequently used in server configurations, altering the code and deploying the resulting compromised images could lead to deeper supply-chain attacks.
Docker informed users that it has revoked all access tokens for the accounts whose data might have been exposed during the attack. It also asked users to immediately change their Docker Hub password, as well as the password on any other accounts that shared it.
The company advised users to reconnect to their repositories and check security logs to see if any unexpected activity was carried out from their accounts.
No Official Images were compromised during the attack, according to Docker.
"We have additional security measures in place for our Official Images including GPG signatures on git commits as well as Notary signing to ensure the integrity of each image," it revealed.
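The supply-chain risk described above rests on the fact that an image tag such as `nginx:1.15` is mutable: whoever controls the repository can push new content under the same tag, and every deployment that pulls by tag picks it up. Pinning by content digest (`image@sha256:...`) is the consumer-side counterpart to the signing measures Docker describes for its Official Images, because a pinned pull fails instead of silently fetching replaced content. The script below is an added example, not code from the article or from Docker: it scans a constructed sample Dockerfile and reports every `FROM` line that pulls a registry image by mutable tag rather than by digest, while correctly skipping references to earlier build stages and the reserved `scratch` image.

```python
import re
from typing import Dict, List

# Constructed sample Dockerfile for illustration (not taken from the article).
# It mixes digest-pinned images, tag-only images, a multi-stage alias and scratch.
SAMPLE_DOCKERFILE = """\
# syntax=docker/dockerfile:1
FROM --platform=linux/amd64 golang:1.12-alpine AS build
WORKDIR /src
COPY . .
RUN go build -o /out/app .

FROM alpine@sha256:0000000000000000000000000000000000000000000000000000000000000000
COPY --from=build /out/app /usr/local/bin/app

FROM nginx:1.15@sha256:1111111111111111111111111111111111111111111111111111111111111111 AS web
FROM build AS test
FROM scratch
FROM ubuntu
"""

# FROM [--flag=value ...] <reference> [AS <stage>]
FROM_RE = re.compile(r"^\s*FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?\s*$", re.IGNORECASE)
# A reference is digest-pinned when it ends in @sha256:<64 hex chars>.
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def parse_from_lines(dockerfile: str) -> List[Dict]:
    """Classify every FROM line as a registry image, a build-stage reference or scratch."""
    stages = set()
    results = []
    for lineno, line in enumerate(dockerfile.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        ref, alias = m.group(1), m.group(2)
        if ref.lower() in stages:
            # Refers to an earlier stage in this file; nothing is pulled from a registry.
            results.append({"line": lineno, "ref": ref, "kind": "stage", "pinned": True})
        elif ref.lower() == "scratch":
            # Reserved empty base image; not fetched from Docker Hub.
            results.append({"line": lineno, "ref": ref, "kind": "scratch", "pinned": True})
        else:
            pinned = bool(DIGEST_RE.search(ref))
            results.append({"line": lineno, "ref": ref, "kind": "image", "pinned": pinned})
        if alias:
            # Stage names are case-insensitive in Dockerfiles.
            stages.add(alias.lower())
    return results


def unpinned_images(dockerfile: str) -> List[str]:
    """Return registry image references that are pulled by mutable tag only."""
    return [r["ref"] for r in parse_from_lines(dockerfile)
            if r["kind"] == "image" and not r["pinned"]]


def report(dockerfile: str) -> str:
    """Human-readable summary, one line per FROM instruction."""
    lines = []
    for r in parse_from_lines(dockerfile):
        status = "OK" if r["pinned"] else "UNPINNED (mutable tag, re-pull may change content)"
        lines.append(f"line {r['line']:>3}: {r['kind']:<7} {r['ref']}  {status}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_DOCKERFILE))
    print("\nUnpinned registry images:", unpinned_images(SAMPLE_DOCKERFILE))
```

On the sample input the check flags `golang:1.12-alpine` and `ubuntu`; the two digest-pinned images, the `build` stage reference and `scratch` pass. A digest pin only guarantees that what is deployed is the content someone reviewed when the pin was recorded, so it complements, rather than replaces, signature verification of the image itself.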
Docker has not yet provided any information about the attackers, but it appears that someone probably stole credentials to a privileged account and gained access to the Hub database.
The company said it is investigating the attack and will share more details about the incident when they are available.