Data leak
Docker Hub Database Breach: 190,000 User Accounts, GitHub and Bitbucket Tokens
Incident Details
On 25 April 2019, Docker discovered unauthorized access to a Docker Hub database containing data for approximately 190,000 accounts (less than 5% of Hub users). Docker Hub is the world's largest container registry, used by millions of developers to store and share Docker container images. Exposed data included usernames and hashed passwords (for accounts not using SSO), and GitHub and Bitbucket OAuth tokens used for automated Docker Hub builds.
Docker disclosed the breach on 26 April 2019, within 24 hours of discovery. Docker immediately revoked all GitHub and Bitbucket OAuth tokens and required affected users to reconnect their repositories. The token exposure was the most serious aspect of the breach: until they were revoked, the tokens could have allowed attackers to access private code repositories for an unknown number of GitHub and Bitbucket accounts linked to Docker Hub. Automated build systems that relied on these tokens were disrupted by the revocation. Docker notified affected users and reset passwords.
The brief exposure window (hours to a day) and rapid response minimised the impact, but the potential for attackers to clone private source code repositories during that window was concerning. The incident highlighted the supply chain risk of OAuth token storage in developer platform integrations.
Technical Details
- Initial Attack Vector: Unauthorized access to a database storing a subset of non-financial Docker Hub user data; Docker stated the database was accessed without authorization but did not disclose the specific attack vector
- Vendor / Product: Docker Hub user database
Timeline
- 2019-04-25 Breach occurred
- 2019-04-26 Publicly disclosed
- 2019-04-26 Customers notified