
Hackers Are Using Old GitHub Accounts to Research Companies. What Parents Should Know
Cybercriminals are using dormant GitHub accounts to map out company structures. This mainly affects businesses, but families should understand the broader privacy risks.
Source
The Hacker News
Original headline: Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
Plain-English summary by GetCyberRight. Read the full report at the source above.
Security researchers at Datadog Security Labs have discovered that attackers are using old, inactive GitHub accounts to systematically collect information about companies and their employees. GitHub is a platform where programmers store and share code.
The attackers are using accounts that have been sitting unused for years, or they have taken over accounts using stolen login credentials. They are using automated tools to scan through company information and figure out who works where and what projects they are working on.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
This threat primarily affects businesses and their employees rather than everyday families. If someone in your household works at a company that uses GitHub for their software projects, their work account and professional information might be part of what these attackers are mapping out.
The attackers are not directly stealing money or personal family data. They are gathering intelligence that could be used in future targeted attacks against companies. For most families, there is no immediate action required.
- Log into any old GitHub accounts you may have created and either delete them if you no longer use them, or update the password to something strong and unique.
- Enable two-factor authentication on your GitHub account if you still use it.
- If you work for a company that uses GitHub, inform your IT department if you notice any unusual activity on your work account. This situation highlights an important digital safety principle: old, forgotten accounts can become security risks. Make it a habit to review what online accounts you have every six months. Close accounts you no longer use. For accounts you want to keep, ensure they have strong, unique passwords and two-factor authentication turned on. This prevents attackers from taking over your dormant accounts and using them for malicious purposes.
Curated from trusted cybersecurity sources by GetCyberRight
Source: The Hacker NewsStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Considering Switching from Windows to Linux? Here is One User's Experience
A longtime Windows user tried Linux Ubuntu on an old laptop to see if it could replace Windows 11. The experience had challenges but positive results.
2 min read
Trying Linux on an Old Laptop: Could This Free System Work for Your Family?
A technology writer tested Linux Ubuntu on an old laptop. It could give new life to older computers your family no longer uses.
2 min read
The Person Hired to Help Ransomware Victims Was Actually Working With the Criminals
A negotiator who was supposed to help companies targeted by ransomware secretly worked with the attackers instead. This shows why choosing who to trust in a crisis matters.
2 min read
The Person Hired to Help Ransomware Victims Was Actually Working With Criminals
A cryptocurrency employee secretly helped hackers extort $75 million from businesses. This case shows why choosing who handles a cyberattack matters.
2 min read