What was the purpose? Were the repositories private? Was the attack targeted toward known accounts working on new projects -- i.e., industrial espionage?
From a Github email to a friend to whom this happened:
"We have reviewed our logs and it doesn't appear that any actions were taken by the attacker other than to authorize the 'GitHub XRP Giveaway' application against your account.
You should be able to find the OAuth events for that application in your account's security history:
https://github.com/settings/security
We do not believe that the application's authors were responsible for the break-in, rather that the attackers were attempting to game the giveaway.
Ripple's explanation of the giveaway can be found here: https://ripple.com/blog/git-in-the-game-2020-xrp-giveaway-fo...