GITHUB HACKED: Unhashed passwords pasted, check your email, change your password (haveibeenpwned.com)
9 points by ohscarl 3549 days ago
5 comments

Official response from Github:

--------

Hi there Oscar,

Thanks for writing in about this.

If your credentials were included in that file, you should have already received an email from us and had your password reset. We've done the same for all users involved.

There's no indication that GitHub was breached and our downtime was unrelated. We believe the 5,199 users in the paste linked on haveibeenpwned.com are the result of someone using a breach from another website against ours to check for users re-using the same credentials.

If you have any questions, do let us know!

Git automatically exposes the email of committers, or at least a string that is nominatively an email; I see no evidence of anything beyond that here.
One of the pastes at that link lists thousands of real Github account emails followed by an unhashed password. Some of them have private repositories listed as well.

I'd rather not post the pastebin to remove the hassle of finding the exact one, but it was posted in the past few hours and I'd recommend that everyone check their Github emails on haveibeenpwned.com to see if it's found in the paste.

Better yet, change your password immediately since there's no announcement from Github regarding the extent of the breach.

Plain text passwords pertaining to each email are included in the dump.
Decision to store plain text user passwords must cost someone's job.
That's what happens when people reuse passwords...
Haven't been able to find myself in the list... not sure this is real news...
Can anyone confirm this is legit?
The pastebin of 5,199 emails is still up as of now. I reported it but if someone has a PRO account, those reports will get processed sooner and hopefully the leak won't be abused too badly.