Linked-In leakage?
Could it be the case that someone has cracked some of the hashed passwords on the Linked-In leak and found themselves enough working GitHub credentials to make it worth their while?
I have recently had many, many emails about my degenerate porn habits with faked headers set to look like the mail came from my email account as proof of the successful hack. Those spam mails were citing an actual password, which was indeed the mail+password I used for linked-in and other on-line trash accounts "back then".
Biting the hand that feeds IT
