Dockerhub hacked

As an FYI to docker users on this forum I received the following (below quote) from docker last night.
Maybe I am just on of the 5% of impacted users? Not sure but I would suggest everyone with a DH account - esp if linked to GH - should take a look and change their PW.

On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site.

We want to update you on what we’ve learned from our ongoing investigation, including which Hub accounts are impacted, and what actions users should take.

Here is what we’ve learned:

During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.

Actions to Take:

We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place.

Our investigation is still ongoing, and we will share more information as it becomes available.

Thank you,



Hopefully the devs got this message too.

1 Like

Thanks for the heads up!

No problem!