GitHub account compromised

[johnmmoore]

Last night I took my daughter to our church building so that she could attend a young womens activity and because of the distance between the building and our house, I chose to stay in the building and do some homework for an online coding bootcamp I'm attending. I submitted my work to GitHub so that it could be reviewed by people that work at my online school and as soon as I did, I did a refresh on my GitHub account using a browser and I got a message in red that said...

.
.
Your GitHub password has been reported as compromised in a data breach by "HaveIBeenPwned™". Although passwords may be reused across services, GitHub passwords have not been compromised directly. Please update your password as soon as possible.
.
.

Is this because of all the filters on the church wifi access or is it possible that our church buildings access been compromised?

About 10 minutes earlier I tried to access a YouTube video titled "Heap sort in 4 minutes" and it said that my connection was going to be hijacked so it didn't let me continue but I figured that was the filters that the church had in place blocking me.

The only code I have in my GitHub account is school material but I'd rather not have it taken over by someone else. Is this a real threat or did this service that GitHub uses identify a 'false positive' because of where I pushed my Git branch from vs where I normally do that type of work (home)?

[johnmmoore]

One other thing.....I'd prefer not to change my GitHub password if I don't have to but I will if my account is in real jeopardy of being taken over. That's pretty much why I'm posting. Is church wifi access/filtering causing my problems or has our buildings access been compromised? Not sure how common this type of problem might be.

[russellhltn]

GitHub has had a breach that had nothing to do with church networks.

Generally, YouTube is blocked at church meetinghouses. That's not how I'd expect it to play out, but might be "why".

[eblood66]

The github issue doesn't have anything to do with the church wifi or filters and it doesn't indicate that the church network was compromised in some way. It's due to new security measures at github just put in place yesterday. See https://blog.github.com/2018-07-31-new- ... erability/.

YouTube is usually blocked by the church firewall so that is probably due to the filters.

[johnmmoore]

Awesome. Thanks for the responses and that link to GitHub blog post. I feel a little safer now that I've read that GitHub post. Thanks again.

[eblood66]

That's not how I'd expect it to play out

Actually, I think it makes sense. Google uses https on all its sites nowadays. So when the filter blocks YouTube it will return a response but that response won't be authenticated with the YouTube certificate. As a result the browser will likely see that as a man-in-the-middle attack (which technically it is) and give an error message about the site being hijacked and/or about an invalid certificate (depending on the browser).

I often see the same kind of thing when accessing a unsecured wifi network that requires a login. If you try to access an https site, you get that kind of error message. If you access an http site then you get the login page.