tl;dr: User countermeasures:

• Noreply-Email-Address: Every GitHub user should either use a dedicated commit email address or GitHub’s noreply-email-address service, also enabling the option to block accidental command line pushes.
• 2-Factor-Authentication: Every GitHub user should have 2-Factor-Authentication enabled
• Raise Awareness: it’s the duty of developers aware of this issue toinform their colleagues about it

sed -i "s/$real_email/$github_email/" /opt/*/.git/config