16 votes

Docker Hub compromised, exposing data of 190,000 users

3 comments

  1. [2]
    Amarok
    Link
    This a risk of using cloud services - being exposed in a data breach when whoever is holding your data or hosting your systems makes a mistake. If you run your own, odds are you're probably not...

    This a risk of using cloud services - being exposed in a data breach when whoever is holding your data or hosting your systems makes a mistake. If you run your own, odds are you're probably not important enough to get noticed, and you've a far better shot at handling your own security than you think, if you put just a bit of diligence into it.

    If you put a lot of different company data pools all in one place like this, however, that makes it a very juicy target indeed. We'll be seeing plenty more headlines like this. At least this time Docker seems to have been on top of it. They noticed it quickly, scoped it, notified customers immediately, and then continued investigating. That's the best you can really ask for in these situations.

    3 votes
    1. tindall
      Link Parent
      The problem is that most Dockery users would not have needed an account if Docker-the-company hadn't felt the need to require one to download binaries for Windows and Mac OS. For instance, I use...

      The problem is that most Dockery users would not have needed an account if Docker-the-company hadn't felt the need to require one to download binaries for Windows and Mac OS.

      For instance, I use docker on Linux and never needed an account. I just installed it with APT.

      7 votes