An unauthorized person gained access to a Docker Hub database that exposed sensitive information for approximately 190,000 users. This information included some usernames and hashed passwords, as well as tokens for GitHub and Bitbucket repositories. Docker has already revoked all exposed tokens and access keys, but developers who used Docker Hub autobuilds should check their project’s repositories for unauthorized access. If these tokens have been misused to modify code and compromised images have been deployed, it could lead to serious supply-chain attacks.
Source: https://www.bleepingcomputer.com/news/security/docker-hub-database-hack-exposes-sensitive-data-of-190k-users/