We are contacting you because your Bitbucket Cloud repository was recently accessed and deleted by an unauthorized third party.
We are in the process of restoring your repository and expect it to be restored within the next 24 hours.
We believe that this was part of a broader attack against several git hosting services, where repository contents were deleted and replaced with a note demanding the payment of ransom.
During this attack, a third party accessed your repository by using the correct username and password for one of the users with permission to access your repository. We believe that these credentials may have been leaked through another service, as other git hosting services are experiencing a similar attack.
We have not detected any other compromise of Bitbucket.
We have proactively reset passwords for those compromised accounts to prevent further malicious activity. We will also work with law enforcement in any investigation that they pursue.
We encourage you and your team members to reset all other passwords associated with your Bitbucket account. In addition, we recommend enabling 2FA on your Bitbucket account.
If you have any questions or would like further assistance, please contact our support.