Docker, a provider of cloud-based services to programmers and developers, recently announced that hackers had accessed one of its Docker Hub databases and stolen sensitive data from around 190,000 user accounts. Docker hub is the official cloud repository for Docker container images that allows users to create a test, store, and distribute container images.
Docker offers developers to run software packages known as Containers. The company claims that its software tools and cloud-based services are used by some of the largest tech companies and thousands of developers across the world.
The company notified its customers via emails. “On Thursday, April 25, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site,” the company said in a statement.
The company stated that hackers gained unauthorized access to the Docker hub database and allegedly acquired access keys and tokens that could have potentially given access to private code repositories. The stolen data includes usernames, hashed passwords, Github, and Bitbucket tokens for Docker auto-builds, according to Docker. The company stated that it’s unclear what information was accessed, and which companies’ accounts were affected.
The security officials clarified the customers that only non-financial user data is affected. It also recommended the users to change their passwords and to check with security logs for any unauthorized access.
“We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place. Our investigation is still ongoing, and we will share more information as it becomes available,” the statement added.