Visual TL;DR. VS Code Extension Compromised led to GitHub Internal Repos Accessed. GitHub Internal Repos Accessed prompted Malicious Version Removed. GitHub Internal Repos Accessed prompted Employee Device Isolated. GitHub Internal Repos Accessed involved Internal Repos Exfiltrated. Internal Repos Exfiltrated but No Customer Data Impact. Internal Repos Exfiltrated included Customer Support Excerpts. Customer Support Excerpts may trigger Customer Notification Pending.
- VS Code Extension Compromised: third-party VS Code extension published with malicious code
- GitHub Internal Repos Accessed: unauthorized access to GitHub's internal repositories detected
- Malicious Version Removed: malicious extension version was immediately removed from marketplace
- Employee Device Isolated: affected employee device was isolated to prevent further spread
- No Customer Data Impact: no evidence of customer data being affected outside internal systems
- Internal Repos Exfiltrated: activity involved exfiltration of GitHub-internal repositories only
- Customer Support Excerpts: some internal repos contained excerpts of customer support interactions
- Customer Notification Pending: customers will be notified if any impact is discovered
Visual TL;DR
