Hi,
Last week, the llvmbot GitHub account, which we use for project automation, was suspended by GitHub Support due to a suspicious login. For more details about the timeline, please see the security ticket.
We have filed a ticket with GitHub requesting more information about the incident. It’s unclear what ‘suspicious login’ means exactly and if some actually gained access to the account or not. As a precaution, we have reset the llvmbot password, 2FA, recovery codes, and regenerated all the personal access tokens associated with the account.
This is a good reminder for everyone to keep your accounts secure. Please review Github’s documentation for account security and make sure you are following the recommend practices.
As always, if you see any suspicious activity even from a ‘trusted’ account, please file an issue on GitHub or if you want to keep the report private, you can file an issue with the LLVM Security team.