Connect with us

Cyber Security

GitHub suspends accounts of Russian devs at sanctioned companies

Published

on

Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under US sanctions.

According to Russian media outlets, the ban wave began on April 13 and didn’t discriminate between companies and individuals.

For example, the GitHub accounts of Sberbank TechnologySberbank AI Lab, and the Alfa Bank Laboratory had their code repositories initially disabled and are now removed from the platform.

Flagged company repository
Blocked repository or flagged company (habr.com)

Considering that these companies were sanctioned by the U.S. Treasury last week and Microsoft owns GitHub, an American company, the action is not unexpected.

However, suspending the private accounts of dozens of individuals that host no content connected to any sanctioned entities is quite surprising.

GitHub user complaining about unjustified account suspension
GitHub user complaining about unjustified account suspension

Personal accounts suspended on GitHub have their content wiped while all repositories become immediately out of reach, and the same applies to issues and pull requests.

Habr.com reports that some Russian developers contacted GitHub about the suspension and received an email titled ‘GitHub and Trade Controls’ that explained their account was disabled due to US sanctions.

Email received after questioning why their account was removed
Email about suspensions
Source: Habr

This email contains a link to a GitHub page explaining the company’s policies regarding sanctions and trade controls, which explains how a user can appeal their suspension.

This appeal form requires the individual to certify that they do not use their GitHub account on behalf of a sanctioned entity.

A developer posted to Twitter saying that he could remove the suspension after filling out the form and that it was due to his previous employer being sanctioned.

Controversial move

GitHub has previously stated that its vision is to be the home for all developers, including those residing in Russia, making it clear that it’s planning no mass bans.https://7eeb3d386af1d642699e6dc24958c263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

“In parallel with our efforts to make sure GitHub is available to developers in all countries, we are continuing to ensure free open source services are available to all, including developers in Russia,” said the platform in a blog post published last March.

While a lot has happened since then, there has been no update on these policies on GitHub’s blog, so we can only assume that their stance on the subject remains the same.

Bleeping Computer has reached out to GitHub asking for a comment on the reported suspension wave, and a spokesperson of the platform has responded with the following:

Like any company that does business in the U.S., GitHub may have to restrict users and customers identified as Specially Designated Nationals (SDNs) or other denied or blocked parties under U.S. and other applicable sanctions laws, or that may be using GitHub on behalf of blocked parties. 

At the same time, GitHub’s vision is to be the global platform for developer collaboration, no matter where developers reside. We examine government sanctions thoroughly to be certain that users and customers are not impacted beyond what is required by law. – GitHub

According to this, the suspended private accounts are either affiliated, collaborating, or working with/for sanctioned entities. However, even those who previously worked for a sanctioned company appear to be suspended by mistake.

This means that Russian users, in general, can suddenly find their projects wiped and accounts suspended, even if those projects have nothing to do with the sanctioned entities.

Source: https://www.bleepingcomputer.com/news/security/github-suspends-accounts-of-russian-devs-at-sanctioned-companies/

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO