Git automatically exposes the email of committers, or at least a string that is nominatively an email, I see no evidence of a anything beyond that here.
One of the pastes at that link lists thousands of real Github account emails followed by an unhashed password. Some of them have private repositories listed as well.
I'd rather not post the pastebin to remove the hassle of finding the exact one, but it was posted in the past few hours and I'd recommend that everyone check their Github emails on haveibeenpwned.com to see if it's found in the paste.
Better yet change your password immediately since there's no announcement from Github regarding the extent of the breach.
I'd rather not post the pastebin to remove the hassle of finding the exact one, but it was posted in the past few hours and I'd recommend that everyone check their Github emails on haveibeenpwned.com to see if it's found in the paste.
Better yet change your password immediately since there's no announcement from Github regarding the extent of the breach.