# Accidental GitHub Invites Dec 13, 2025 #security Having [@name](https://github.com/name) on GitHub is pretty cool, but the amount of spam, mentions, extortion emails, and accidental invites makes it less enjoyable. One of the biggest accidents I've experienced was when @redacteduser for a $200+ million in revenue, 40+ million monthly users, and 800+ private repos company invited me as a member of the entire org giving me r/w access across the board. It was pretty cool getting a peek behind the curtain of a major tech company (ios and android apps, website source, internal tools, iac) but it very quickly hit me that even accepting the invite might get me in some trouble. I looked for a <[email protected]> email address to make the relevant staff aware. Annoyingly, there wasn't one. I started an online chat with support that after taking 40-50 minutes to get through to someone who seemed to understand, ended with a, "we'll come back to you on this asap." reply... as you might guess, I never heard anything back. Helpfully, you can view other members of the org in GitHub so a quick search of the admins gave me some names which i tried a few variations of common email addresses ('first.last', 'flast', 'first', 'firstlast') but all I received were bounce backs. I pulled up linkedin, dm'd a few senior staff in the security team and finally got through to a tech team lead who revoked my access, thanked me for the heads-up, and *presumably* spoke with whoever gave me access in the first place. Be careful who you're sending invites too, and before accepting an org invitation, check where you're actually ending up.