The Department of Veterans Affairs is conducting a cyber breach investigation after a federal contractor published source code containing sensitive credentials on internet hosting service GitHub, sources told FedScoop.
Three people with direct knowledge of the matter told FedScoop the compromised information included hard-coded administrator account privileges, encrypted key tokens and specific database table information.
Within minutes of the information being published, six foreign IP addresses cloned the source code, including at least one from a country hostile to the U.S., according to sources… Read the full article here.