One day I received an email saying that a third party app was added to my github account, they in an instant it says my password has been changed, key was stripped, etc.
If the folks at GitHub are half-decent engineers (and everything I've seen suggests they know what they're doing), they'll have request logs that would make it very very obvious someone had done this.
Would advise sending a support request in, if you think this happened to you.
One day I received an email saying that a third party app was added to my github account, they in an instant it says my password has been changed, key was stripped, etc.