Users report seeing failed login attempts from China and other countries

Nov 19, 2013 10:38 GMT  ·  By

Numerous GitHub users report seeing failed login attempts to their accounts from China, Venezuela, Indonesia, and other countries. It appears GitHub’s authentication service is the target of an automated brute force attack.

GitHub’s Zach Holman has confirmed that it’s an automated attack which they’re trying to mitigate. The attack appears to have started around two days ago.

Since then, many users have reported seeing failed login attempts. In some cases, there have been as many as 13 different attempts over the course of 8 hours.

In order to see if you have been targeted, log in to your account and go to the Security History menu. There you’ll see all the IP addresses from which login attempts have been made.

Users are advised to set a strong password and enable two-factor authentication to protect themselves.