alt Hacker NewsGitHub has automatic secret scanning on all public repositories which notifies AWS if access keys are pushed. I would have expected these tokens to be immediately revoked by AWS. Is there something different about GovCloud access keys so they weren't detected?
I would expect this to work in accordance with Github uptime.... so take it for what its worth