Security Breach Compromises 190K Docker Hub Usernames and Passwords

Attackers recently exposed sensitive data from about 190,000 Docker Hub accounts.

by Kara Phelps · Apr. 29, 19 · News

Docker revealed to customers last week that a Docker Hub database of container images had experienced a breach, exposing the usernames and password hashes of about 190,000 accounts.

Docker Hub, Docker's container image repository, is used by thousands of major companies and developers around the globe.

In an email to Docker Hub customers and users, Docker said it discovered the breach on April 25. On Saturday, Motherboard obtained a copy of the message, which said attackers accessed "usernames and hashed passwords for a small percentage of [Docker Hub] users, as well as GitHub and Bitbucket tokens for Docker autobuilds." The breach affected 190,000 users — nearly five percent of Docker Hub's userbase, according to Computing.co.uk.

Docker revoked all affected tokens and invalidated all potentially affected password hashes. "If you directly received an email from Docker about this incident, you may have been impacted," Docker told users. "If you have received a password reset link, your password hash was potentially exposed. We have invalidated it and sent you a password reset link as a precaution. If you are using autobuilds and your GitHub or Bitbucket repositories have been unlinked from Docker Hub, you will need to relink those repositories for autobuilds to work correctly."

"Although the breach only exposed 190,000 users, the tokens and keys exposed are routinely used for auto-building critical software for companies and for accessing their private code repositories," Jeremy Galloway, a security researcher at Atlassian, told Motherboard. "It's likely that attackers compromised Docker Hub simply as a means to an end to gain access to hundreds or thousands of other sensitive targets." (Full disclosure: Atlassian is currently a sponsor of the Agile Zone.)

"It's important to remember that the DevOps Toolchain is also the DevOps Supply Chain," said Tim Erlin, VP of product management and strategy at Tripwire. "The integrated tools, and the infrastructure that supports them, present new opportunities for attackers as well as users. Information security teams should be incorporating these kinds of supply chain compromises in their regular threat-modeling."

Docker reported that no official images were compromised in the recent breach, stating, "We have additional security measures in place for our Official Images including GPG signatures on git commits as well as Notary signing to ensure the integrity of each image."

The company is still investigating the incident.
