Hello, tech aficionados! It’s time to get into some serious tech talk about how exposed GitHub repositories can turn into a sneaky issue.

The cybersecurity arena has raised alarm bells on data that, even if briefly visible, can persist in the digital realm—especially through tools like Microsoft Copilot. Imagine this: once-public repositories from major companies now labeled as private still have their secrets lurking in the shadows.

Recent findings by Lasso, who specializes in generative AI threats, highlight how their own GitHub content, briefly exposed, turned up in Copilot’s responses. Isn’t that a bit unsettling?

What’s worse? Over 20,000 repositories that were public at one point are now private, yet their content remains accessible through Copilot. This includes sensitive information from tech giants like Microsoft, Google, and PayPal.

Security experts have advised organizations affected by these exposures to act quickly—rotate those keys and tighten up security protocols! However, many companies remain tight-lipped about this issue.

Even after informing Microsoft of these findings, it appears they filed it under ‘low severity.’ But with ongoing access to this data through Copilot, the situation is more complex than an easy fix.