Action needed for GitHub Desktop and Atom users

In response to a security incident on December 7, 2022, where unauthorized access to certain repositories was detected, GitHub has revoked three certificates—two Digicert code signing certificates used for Windows and one Apple Developer ID certificate—to prevent potential misuse. The incident involved a compromised Personal Access Token that cloned repositories used in the development of GitHub Desktop and Atom. Although no customer data was exposed and no unauthorized changes were made to the code, encrypted code signing certificates were accessed but remained secure due to password protection. As a precaution, GitHub decided to revoke the certificates by February 2, 2023, resulting in certain versions of GitHub Desktop for Mac and Atom becoming non-functional. Users are advised to update GitHub Desktop to the latest version and downgrade Atom to an earlier version to avoid disruptions. The company emphasizes its commitment to security and urges users to follow the recommended actions to maintain the functionality of these applications.