- Gamocosm servers have not been compromised (confident)
- Passwords in the database are salted and hashed with bcrypt (no nonsense, following good practices)
- However, Gamocosm will fail to create new servers for now
- Source code will eventually be restored on GitHub
I have no idea how and who did this… I am doing my best to restore this…
Update 7 (~20:05 ET) (final): Gamocosm GitHub has been restored. More information to be released tonight.
Update 1: (placeholder because I started counting updates at “2”)
Update 2 (~12:10 ET): I have reviewed and believe the Gamocosm server is still secure (my GitHub account was compromised). Furthermore, user passwords are salted and hashed with bcrypt, and should not be crackable.
Update 3 (~12:15 ET): It seems the hacker just targeted deleting Gamocosm… I have no idea why someone would want to do this… It seems he only had access to my personal accounts; fortunately, only the Gamocosm GitHub is directly under my account.
Update 4 (~12:20 ET): I have reserved the Gamocosm organization name and contacted GitHub support. Their page https://help.github.com/articles/deleting-an-organization-account/ says deletions are permanent… but at least they used to keep deleted user accounts for ~24 hours for emergencies. Hopefully this can be restored… I do have the source code for Gamocosm locally, but would lose the project history, issues, pull requests, wiki, and others.
Update 5 (~13:45 ET): No response from GitHub yet. Again, I can restore to GitHub the code relevant to Gamocosm’s function; I am currently still evaluating the situation. It seems the hacker deleted my personal Gamocosm account and servers too… As I suspected earlier, it looks more like a personal attack on Gamocosm, although I cannot imagine why anyone would do this given Gamocosm’s completely free and open nature. Again, no breach of actual Gamocosm servers detected (especially considering he/she probably would have done much worse…). I’ve changed all my personal passwords, but this is still so devastating… Yeah, you won, hacker, I hope someone is happy out of this…
Update 6 (~13:50 ET): As mentioned, in the case of a server breach, your passwords should still be cryptographically safe. However, a hacker would be able to access and destroy your droplets. Reiterating, there has not been a server breach yet. I intend to be fully transparent with this issue and will post more detailed information after the urgent issues are resolved.