GitHub repository transferred to another enterprise account
Description
AlphaSOC detected a GitHub repository transfer to another enterprise account. This activity indicates a change in repository ownership that could expose source code and sensitive data to unauthorized parties.
Impact
Repository transfers can result in source code theft, exposure of secrets and credentials stored in code, and loss of intellectual property. Adversaries use stolen repositories to identify security vulnerabilities, extract hardcoded credentials, and gather intelligence for additional attacks.
Severity
| Severity | Condition |
|---|---|
Medium | GitHub repository transferred to another enterprise account |
Investigation and Remediation
Review GitHub audit logs to identify the user who initiated the transfer and the destination account. Verify whether the transfer was authorized as part of normal business operations. For unauthorized transfers, contact GitHub support to restore repository ownership, rotate any exposed credentials, and review repository access logs for additional suspicious activity.