Hackers stole data from thousands of GitHub repositories, the code-hosting giant said on Tuesday.

“While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity,” the company said in a post on X.

On Wednesday, the company confirmed that attackers had compromised roughly 3,800 repositories after a GitHub employee used a malware-infected Visual Studio Code extension.

“We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity,” GitHub said.

Code repositories have become a frequent target of hackers seeking to poison popular software packages with malware. Over the past two years, malicious actors have compromised the data-compression tool XZ Utils, the vulnerability scanner Trivy and more than 500 packages on the JavaScript registry npm. On Tuesday, two cybersecurity firms disclosed another wave of npm supply-chain compromises.

GitHub did not provide key information about the attack, including the identity of the threat actor responsible for the breach. But the cybercrime group TeamPCP claimed credit for the attack in a dark-web post advertising the stolen data.