From a GitHub email to a friend to whom this happened:
"We have reviewed our logs and it doesn't appear that any actions were taken by the attacker other than to authorize the 'GitHub XRP Giveaway' application against your account.
You should be able to find the OAuth events for that application in your account's security history:
https://github.com/settings/security
We do not believe that the application's authors were responsible for the break-in, rather that the attackers were attempting to game the giveaway.
Ripple's explanation of the giveaway can be found here: https://ripple.com/blog/git-in-the-game-2020-xrp-giveaway-fo...
Wow... a botnet-orchestrated massive brute force attack to try and game a cryptocurrency giveaway? o.O The future was yesterday.
As of this comment, 2020 XRP is worth ~0.03 BTC. Multiply by ~$500USD/BTC and you get ~$16 USD (over $20 when BTC was peaking $800+USD/BTC in the last couple days). Multiply that by the number of compromised accounts that meet the cutoff date criteria, and you get the take.
Potentially some good money depending on your success rate, but maybe not worth the cost of renting a botnet?
Ah, I misread that -- I thought it was if you had contributed to their repo, not simply starred it. I had left it out of the calculation for simplicity's sake as I figured most people would not have done that.
Where did you get the 1,698 figure -- was that the number of accounts compromised?