"We are investigating unauthorized access to GitHub's internal repositories," GitHub told BleepingComputer.
GitHub confirms an investigation and says customer data appears unaffected so far
GitHub acknowledged an investigation into "unauthorized access to GitHub's internal repositories" in a statement to BleepingComputer. The company said it currently has "no evidence of impact to customer information stored outside of GitHub's internal repositories (such as our customers' enterprises, organizations, and repositories)," and that it is "closely monitoring our infrastructure for follow-on activity."
GitHub also told BleepingComputer that "all affected customers will be alerted through established notification and incident response channels if any evidence of impact is discovered." Beyond those public comments, GitHub has not released additional technical details in the reporting available today.
TeamPCP posts on Breached: roughly "~4,000 repos" and a $50,000 minimum offer
The claim of access comes from the hacking group TeamPCP, which posted on the Breached forum that it had accessed "Github's source code and internal orgs" and said there is "a total of around ~4,000 repos of private code here." In the same forum post the group set a monetary floor for any buyer: "If you are interested. Send your offers to the communications below, we are not interested in under 50k, the best offer will get it."
TeamPCP added a conditional promise about handling the data: "No low ball offers will be accepted, everything for the main platform is there and I very am happy to send samples to interested buyers to verify the absolute authenticity. ... As always this is not a ransom, We do not care about extorting Github, 1 buyer and we shred the data on our end, it looks like our retirement is soon so if no buyer is found we will leak it free."
Potential scale of exposure: GitHub’s footprint
Context for why access to internal repositories could matter is found in GitHub’s own usage figures cited in reporting: the cloud-based development platform is used by more than 4 million organizations (including 90% of the Fortune 100) and more than 180 million developers who contribute to more than 420 million code repositories. The TeamPCP post points specifically to private repositories inside GitHub's internal infrastructure rather than general customer repositories, and GitHub has said it has no evidence so far that customer-controlled repositories have been affected.
TeamPCP’s recent supply-chain activity and malware history
Reporting links TeamPCP to several supply-chain campaigns and compromises. The group has previously been associated with supply chain attacks that targeted multiple developer code platforms, including GitHub, PyPI, NPM, and Docker.
In March, TeamPCP compromised Aqua Security's Trivy vulnerability scanner, an intrusion that is believed to have caused cascading compromises affecting Aqua Security Docker images and the Checkmarx KICS project. That Trivy compromise also affected the LiteLLM open-source Python library in an attack that reportedly infected "tens of thousands of devices" with the "TeamPCP Cloud Stealer" information-stealing malware.
More recently the group has been linked to the "Mini Shai-Hulud" supply-chain campaign, which reportedly affected the devices of two OpenAI employees, and to a threatened leak of Mistral AI source code said to have been stolen using compromised CI/CD credentials.
What this means for technologists, enterprises, and open-source maintainers
- Technologists and security teams: Monitor GitHub's notifications and the company's infrastructure for "follow-on activity," and be prepared to respond if GitHub confirms affected internal assets or any downstream impact.
- Enterprises and procurement leaders: Watch established incident response channels for direct notifications from GitHub; the platform's wide use—more than 4 million organizations and contributions from over 180 million developers—means attention to any confirmed internal compromise is likely to be operationally significant.
- Open-source maintainers and downstream projects: Given TeamPCP's prior compromises of developer tools and open-source projects (Trivy, LiteLLM, Docker images, KICS), maintainers will likely need to review build pipelines, CI/CD credentials, and dependencies for signs of tampering or abuse tied to this actor's methods.
GitHub's immediate public steps are narrow but concrete: investigate the unauthorized access, monitor for follow-on activity, and notify affected customers through established channels if evidence of impact is found. TeamPCP, for its part, has doubled down on a commercial-purchase-or-else path: offer samples to "verify the absolute authenticity," demand at least $50,000, and threaten a public leak if a buyer is not found.
The next clear milestones in this story are set by those two promises: whether GitHub will identify and disclose any confirmed impact beyond internal repositories, and whether TeamPCP follows through on sale samples, destruction, or public leakage. For now, GitHub's public posture is containment and monitoring while the group that claims responsibility presses a financial and publicity play.
Read the original report: https://www.bleepingcomputer.com/news/security/github-investigates-internal-repositories-breach-claimed-by-teampcp/




