Popular code-sharing site GitHub placed innumerable users at risk last week after it became apparent that its search functionality was publishing private files and encryption keys.

Whilst GitHub, a site popular with open-source software developers, was deemed itself was not at risk of a security breach, the threat of hackers collating the exposed data is a serious concern for all online services where privacy and data protection is paramount.


GitHub's new search feature was designed to live-index newly-uploaded code to make life easier for its patrons, but instead found SSH keys and other privacy protocols were being published to millions of users worldwide. Unscrupulous hackers could potentially use the information fraudulently or for other criminal activites; so GitHub simply shut its search tool down - though they did not acknowledge why.

"Search remains unavailable. The cluster is recovering slowly and we continue to monitor its progress. We'll provide further updates as they become available." - GitHub messages


Last week's unveiling of the search tool via the GitHub blog has since been tarnished by this revelation, and although users themselves had been unwittingly distributing their sensitive encryption details, the platform site is ultimately culpable as the publishing platform.

No compensatory measures have yet been announced.