You should review your authorized applications to verify that no new applications with expansive permissions are authorized, such as those that have access to your private repositories.

  1. Settings icon in the user barIn the upper-right corner of any page, click your profile photo, then click Settings.
  2. OAuth Applications tabIn the left sidebar, click OAuth Applications.
  3. Applications listReview the tokens that have access to your account. For those that you don't recognize or that are out-of-date, click Revoke. To revoke all tokens, click Revoke all.