Hi all - I have a repo I pushed to github (private repo from inception) which I didn’t bother removing the .env file from as I wouldn’t be using that privatekey in production and I am the only person with access to the github account and repo. The private key seems to have leaked and the low balance withdrawn from my wallet. I read up on this before. However I am not sure if its github pushes in general which are compromised or if its my pc… I assume its github pushes but I’d appreciate direction.
Hi @CleanMcGerk
The only way to remove the private key from github repo is by deleting the remote repo can cleaning the git history of your project.
Github private repos are only visible to you, so maybe it could have been leaked in some other way.