Docker Hub hack exposed data of 190,000 users

2019-04-27 22:23

Docker Hub usernames, hashed passwords, GitHub and Bitbucket access tokens exposed in the hack.


 

Author of this article

Reposted from https://www.zdnet.com

Translation (from English): 虞茫, Google Translate

 

Docker Hub, the official repository for Docker container images, announced a security breach late on Friday night.

The breach came to light after the company started emailing customers about a security incident that took place a day earlier on April 25.


"On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data," said Kent Lamb, Director of Docker Support.


Docker says the hacker had access to this database only for a short period, but data for approximately 190,000 users may have been exposed. The company said this number is less than five percent of Docker Hub's entire userbase.

It is unclear whether the hacker downloaded any user data from this Docker Hub database, but if they did, they may have obtained Docker Hub usernames, hashed passwords, and the GitHub and Bitbucket tokens used for auto-building Docker container images.

Docker is now notifying users and prompting a password reset.


"For users with autobuilds that may have been impacted, we have revoked GitHub tokens and access keys, and ask that you reconnect to your repositories and check security logs to see if any unexpected actions have taken place," Lamb said in the email the company sent customers.


 

The company is also asking users to review GitHub and Bitbucket account login logs for any unauthorized access from unknown IP addresses.

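The step above (and the matching action item in Docker's email) asks users to go through their GitHub or Bitbucket security log by hand and look for unexpected access. The following is an added example, not Docker's or ZDNet's code, of how a practitioner could triage such a log offline. For every event inside the exposure window it flags two things: a source IP outside the networks the team normally uses, and an action that gives an attacker durable access even after the leaked token is revoked (a new deploy key, webhook, OAuth grant, collaborator or token). The log record shape, the action names, the trusted networks, the window and the sample entries are all constructed assumptions; adapt them to your provider's real export format.

```python
"""Triage a source-provider security log after a token exposure.

Added example for this page, not Docker's or ZDNet's code. It answers the
question the Docker email asks users to answer by hand: did anything
unexpected happen on my GitHub/Bitbucket account during the exposure
window? Two signals are checked for every event inside the window:

  1. the actor IP is outside the networks our engineers normally use;
  2. the action creates durable access that survives a token revocation
     (a new deploy key, webhook, OAuth grant, collaborator or token).

The record shape, action names, trusted networks, window and sample
entries are all assumptions constructed for the example.
"""
import ipaddress
from datetime import datetime, timezone

# Actions that let an attacker holding a stolen token keep access after the
# token itself is revoked. Names follow GitHub's "<object>.<verb>" style,
# but this set is an assumption; check it against your provider's docs.
SENSITIVE_ACTIONS = {
    "oauth_authorization.create",
    "personal_access_token.create",
    "public_key.create",      # SSH or deploy key
    "hook.create",            # webhook, e.g. a build trigger
    "repo.add_member",
}


def parse_ts(value: str) -> datetime:
    """Parse an ISO-8601 timestamp; a trailing 'Z' is read as UTC."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def review_security_log(entries, trusted_networks, window_start, window_end,
                        sensitive_actions=SENSITIVE_ACTIONS):
    """Return the entries inside the window that deserve a human look.

    Each finding carries the original fields plus a 'reasons' list, so an
    event from an unknown IP that also adds a webhook is reported once
    with both reasons rather than twice.
    """
    nets = [ipaddress.ip_network(n) for n in trusted_networks]
    findings = []
    for e in entries:
        ts = parse_ts(e["timestamp"])
        if not window_start <= ts <= window_end:
            continue
        reasons = []
        ip = ipaddress.ip_address(e["actor_ip"])
        if not any(ip in net for net in nets):
            reasons.append(f"source IP {ip} is outside trusted networks")
        if e["action"] in sensitive_actions:
            reasons.append(f"{e['action']} grants durable access")
        if reasons:
            findings.append({**e, "reasons": reasons})
    return findings


# Constructed sample log (not real data). 203.0.113.0/24 plays the office
# network and 10.8.0.0/16 the VPN; 198.51.100.77 is the unknown address.
SAMPLE_LOG = [
    {"timestamp": "2019-04-23T09:15:00Z", "actor": "alice",
     "action": "user.login", "actor_ip": "203.0.113.10"},
    {"timestamp": "2019-04-25T03:42:11Z", "actor": "alice",
     "action": "user.login", "actor_ip": "198.51.100.77"},
    {"timestamp": "2019-04-25T03:43:02Z", "actor": "alice",
     "action": "hook.create", "actor_ip": "198.51.100.77"},
    {"timestamp": "2019-04-25T08:05:00Z", "actor": "alice",
     "action": "git.push", "actor_ip": "203.0.113.22"},
    {"timestamp": "2019-04-25T10:00:00Z", "actor": "alice",
     "action": "public_key.create", "actor_ip": "203.0.113.22"},
    {"timestamp": "2019-04-26T12:00:00Z", "actor": "alice",
     "action": "user.login", "actor_ip": "10.8.0.5"},
]

TRUSTED_NETWORKS = ["203.0.113.0/24", "10.8.0.0/16"]

# Docker reported the unauthorized access on Thursday 2019-04-25; the
# window here runs from the day before to the day after to be generous.
WINDOW_START = datetime(2019, 4, 24, tzinfo=timezone.utc)
WINDOW_END = datetime(2019, 4, 26, 23, 59, 59, tzinfo=timezone.utc)


def review_incident_sample():
    """Run the review over the constructed sample; used by main() below."""
    return review_security_log(SAMPLE_LOG, TRUSTED_NETWORKS,
                               WINDOW_START, WINDOW_END)


if __name__ == "__main__":
    for f in review_incident_sample():
        print(f"{f['timestamp']} {f['actor']:<8} {f['action']:<28} "
              f"{f['actor_ip']:<16} {'; '.join(f['reasons'])}")
```

On the sample the script reports three events: the login from the unknown address, the webhook created from that same address a minute later (two reasons on one line), and a deploy key added from the office network, which is reported on the action alone and needs a human to confirm it was expected. The event before the window and the routine pushes and VPN logins are not reported. Note that a trusted IP is only weak evidence: a stolen token works from anywhere, so the durable-access actions are the signal that matters most.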

While 190,000 accounts may look like a small breach, it is not. A large share of Docker Hub users are employees inside large companies, who may be using their accounts to auto-build containers that they then deploy in live production environments.

A user who fails to change their account password could have their account's autobuilds modified to include malware, and the resulting image would then be pulled into production like any other build.

Docker said it is still investigating the incident and will share details when available. The security incident was not disclosed on the company's website, but only via email. A copy of the full email is reproduced below.

The screenshot was not fully posted; the original email text follows:

Original email

On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site.


We want to update you on what we've learned from our ongoing investigation, including which Hub accounts are impacted, and what actions users should take.


Here is what we’ve learned:


During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as GitHub and Bitbucket tokens for Docker autobuilds.

Actions to Take:


- We are asking users to change their password on Docker Hub and any other accounts that shared this password.


- For users with autobuilds that may have been impacted, we have revoked GitHub tokens and access keys, and ask that you reconnect to your repositories and check security logs to see if any unexpected actions have taken place.


- You may view security actions on your GitHub or Bitbucket accounts to see if any unexpected access has occurred over the past 24 hours; see https://help.github.com/en/articles/reviewing-your-security-log and https://bitbucket.org/blog/new-audit-logs-give-you-the-who-what-when-and-where

- This may affect your ongoing builds from our Automated build service. You may need to unlink and then relink your GitHub and Bitbucket source provider as described in https://docs.docker.com/docker-hub/builds/link-source/

We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place.


Our investigation is still ongoing, and we will share more information as it becomes available.


Thank you,


Kent Lamb
Director of Docker Support
info@docker.com

 

Copyright notice: the copyright of this article belongs to the original author; sharing is welcome, thank you for your support.
When reposting please credit: Docker Hub hack exposed data of 190,000 users | 温柔的夜