So I made a Gitlab account on gitlab.com on Saturday the 19th and a repo for my new project (empty thus-far). I made it private so I didn’t think anyone would be able to access it: https://gitlab.com/JosephXylon/tidytask
This morning 29 Spam Issues and 29 Spam Merge Requests have appeared on my repo appearing to have been created by my own account. And they are dated 2 months ago before my account or this repo existed. I even checked my account activity and it has hundreds of actions all dated Sept 25th?
My first thought was that my account had been compromised but i can’t imagine how that would happen as I use strong passwords and have only logged in from one, fully patched computer.
The comments are all Latin Lorum Ipsum and include links to localhost URLs.
What do people think has happened?