Did anyone else get spam on a GitHub-specific email address? #22834
-
I just (8 minutes ago at the moment of posting excluding edits) received spam on an email address that I only ever used for GitHub, and I’m fairly sure that I never attached it to my git commits (for committing I specifically use The “To” field in the mail headers is set to a completely different address (someone at a primary school in the Netherlands), but in the mail server logs I can see that the envelope is (rot13’d then base64’d) dHZndWhvLnBiekB5aHB0Ynp6bmFmLmF5, i.e. the email address on my GitHub account. I’ve changed it to something else (involving a csprng) so it can’t be coincidence in the future. At least one other active GitHub account of mine is so far unaffected (I haven’t checked work accounts yet). This was before registering for The spam was titled For now, I guess we’ll assume coincidence, and it’ll be hard to find other people who run their own mail server and track this down… but then GitHub is large and for developers, so hopefully anyone else who finds this also finds this thread and can confirm that GitHub / Microsoft has had a data breach. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
👋 Welcome to the community! We’re certainly not aware of any breaches. If, however, you have a Google search for that email address, I found one of yours posted publicly in an issue for a popular project hosted on GitHub. I don’t want to post that here, as it would further expose that email. If you can’t find it, I’ll happily email you the link. I hope that puts your mind at rest a bit! |
Beta Was this translation helpful? Give feedback.
-
Thanks canuckjacq for looking into this! That clears it up then :slight_smile: Sorry for the bother! |
Beta Was this translation helpful? Give feedback.
👋 Welcome to the community!
We’re certainly not aware of any breaches. If, however, you have a Google search for that email address, I found one of yours posted publicly in an issue for a popular project hosted on GitHub. I don’t want to post that here, as it would further expose that email.
If you can’t find it, I’ll happily email you the link. I hope that puts your mind at rest a bit!