The developers behind the Gentoo distribution of Linux have revealed more details about how their GitHub repository got hacked last week. According to the team, “The attacker gained access to a password of an organization administrator. Evidence collected suggests a password scheme where disclosure on one site made it easy to guess passwords for unrelated webpages.”
Luckily, the attacker took actions that were immediately noticed. “Given the credential taken, its likely a quieter attack would have provided a longer opportunity window,” the developers said.
To prevent future attacks of this nature, the team is adopting two-factor authentication and implementing a policy that requires developers to use a password manager.