SBS News

News > Society

Police: "Access Credentials for Over 500 GitHub Accounts Leaked"... Emergency Security Measures Recommended

Son Gijun

Published : Jul 14, 2026 2:11 PM


▲ National Police Agency

The National Office of Investigation under the National Police Agency announced today (July 14) that it has confirmed and is currently investigating a leak of access credentials for numerous accounts on the software development platform GitHub.

GitHub is a software development platform operated by Microsoft, used by companies and developers to store, manage, and share source code.

The leaked information consists of Personal Access Tokens (PAT), which are authentication methods used by users to access GitHub.

If attackers exploit these tokens, they can access major GitHub systems and obtain internal information without knowing the account's ID or password. Furthermore, there is a possibility that they could infiltrate corporate or personal systems to steal personal data and trade secrets.

According to the police, approximately 500 accounts have had their access credentials leaked so far, with about 30 of those belonging to domestic companies.

The police discovered the leak on July 9 while investigating a separate hacking case and notified GitHub accordingly.

The police have individually notified the affected domestic companies, and in the case of foreign companies, they have communicated the information to relevant authorities in each country through channels such as Interpol.

Additionally, to prevent further damage, the police have distributed a security advisory that includes emergency measures.

The advisory recommends that users check for any abnormal access logs from the past one to three months and, if signs of a breach are detected, immediately revoke existing Personal Access Tokens and issue new ones.

GitHub also stated that it has taken measures such as revoking the leaked tokens and sending alerts to the affected users.

(Photo: Yonhap News TV, Yonhap News)