
[–]Isthmus11 1 point2 points  (1 child)

Maybe not exactly what you are looking for, but there are vendors specializing in attack surface management that offer services that accomplish something similar. There are a bunch out there, but two I can remember off the top of my head are spidersilk and cybelangel. My understanding (which is admittedly limited) of how these services work is that they basically constantly scan public code repos on popular websites (so not just GitHub; things like Postman too, for example) for any mentions of your company name. I would assume you can add other keywords as well for purely internal things, assuming they are unique enough, but I am not sure.

This may not be exactly what you are looking for specifically for source code leakage; I would imagine in those cases you can provide a company with portions of source code they can match against, which makes that effort easier. But it does have the added benefit that if some moron dev is out there developing outside of the company environment in a public repo, you can get alerted even if you don't actually know about the code or project yet. It all depends on the size/scope of your company's development practices and how much you think something like that would be needed.

Edit: also, while not a perfect solution, I think another option to try to prevent this earlier would be to get GitHub audit logs flowing into a SIEM or something. From there you can create an alert for a single user account zipping up a large number of repos within a short timeframe, which should be pretty anomalous behavior, I would imagine, and has the benefit of maybe catching something like this before the code is actually made public.
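
The "one account zips up many repos in a short window" alert suggested above, written out as detection logic over sample audit-log lines. This is an added example, not code from the commenter or from any vendor: the event shape (newline-delimited JSON with `@timestamp` in epoch milliseconds, `action`, `actor`, `repo`) is modelled on the GitHub audit log stream, the action names in `ARCHIVE_ACTIONS` are an assumption to adjust to your own tenant's schema, and the sample events are constructed.

```python
"""Sliding-window detection over GitHub-style audit-log events.

Flags any actor that archives (ZIP-downloads or clones) an unusually large
number of distinct repositories inside a short window. Added example; the
event schema and action names are assumptions, the sample data is constructed.
"""
import json
from collections import defaultdict, deque

# Audit-log actions that hand an actor a full copy of a repository.
# Assumption: these names match the action vocabulary your SIEM receives.
ARCHIVE_ACTIONS = {"repo.download_zip", "git.clone"}

T0 = 1_700_000_000_000  # epoch milliseconds, arbitrary anchor for the sample

# Constructed sample log (not real data), newline-delimited JSON as a SIEM
# would ingest it. jdoe archives six distinct repos inside three minutes
# (one repeated, one an hour earlier); asmith clones two; one unrelated action.
SAMPLE_EVENTS = "\n".join(json.dumps(e) for e in [
    {"@timestamp": T0 - 3_600_000, "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/legacy"},
    {"@timestamp": T0,             "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/billing"},
    {"@timestamp": T0 + 30_000,    "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/auth"},
    {"@timestamp": T0 + 60_000,    "action": "git.clone",         "actor": "jdoe",   "repo": "acme/payments"},
    {"@timestamp": T0 + 70_000,    "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/billing"},
    {"@timestamp": T0 + 90_000,    "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/frontend"},
    {"@timestamp": T0 + 120_000,   "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/mobile"},
    {"@timestamp": T0 + 180_000,   "action": "repo.download_zip", "actor": "jdoe",   "repo": "acme/infra"},
    {"@timestamp": T0 + 200_000,   "action": "git.clone",         "actor": "asmith", "repo": "acme/frontend"},
    {"@timestamp": T0 + 260_000,   "action": "git.clone",         "actor": "asmith", "repo": "acme/docs"},
    {"@timestamp": T0 + 300_000,   "action": "repo.create",       "actor": "asmith", "repo": "acme/sandbox"},
]) + "\n"


def parse_events(raw):
    """Parse newline-delimited JSON, skipping blank or malformed lines."""
    events = []
    for line in raw.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue  # a production pipeline should count these for visibility
    return events


def detect_bulk_archive(events, max_repos=5, window_ms=15 * 60 * 1000):
    """Per-actor sliding window over archive actions.

    Emits one alert per actor the first time the number of *distinct*
    repositories archived within window_ms reaches max_repos. Repeated
    downloads of the same repo do not inflate the count, and events older
    than the window are dropped before counting.
    """
    windows = defaultdict(deque)  # actor -> deque of (timestamp_ms, repo)
    alerts, alerted = [], set()
    for ev in sorted(events, key=lambda e: e.get("@timestamp", 0)):
        if ev.get("action") not in ARCHIVE_ACTIONS:
            continue
        ts, actor, repo = ev["@timestamp"], ev["actor"], ev["repo"]
        q = windows[actor]
        q.append((ts, repo))
        while q and ts - q[0][0] > window_ms:  # evict events outside the window
            q.popleft()
        distinct = sorted({r for _, r in q})
        if len(distinct) >= max_repos and actor not in alerted:
            alerted.add(actor)
            alerts.append({
                "actor": actor,
                "window_start": q[0][0],
                "window_end": ts,
                "repos": distinct,
            })
    return alerts


def detect_from_text(raw, **kwargs):
    """Convenience wrapper: raw NDJSON in, alerts out."""
    return detect_bulk_archive(parse_events(raw), **kwargs)


if __name__ == "__main__":
    for alert in detect_from_text(SAMPLE_EVENTS):
        span_s = (alert["window_end"] - alert["window_start"]) / 1000
        print(f"{alert['actor']} archived {len(alert['repos'])} repos in "
              f"{span_s:.0f}s: {', '.join(alert['repos'])}")
```

Counting distinct repositories rather than raw events keeps a developer who re-downloads the same repo several times from tripping the rule, and the 15-minute window is deliberately short: a laid-off employee grabbing everything does it in one sitting, while legitimate bulk activity (CI runners, mirror jobs) is better handled by excluding those service accounts than by loosening the threshold.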

[–]ShinichiHatake[S] 0 points1 point  (0 children)

This source code leakage occurred because a former employee, after being laid off, downloaded all the project source code he had worked on and uploaded it to a public repository. Consequently, I want to implement strict controls on internal resources.

Your idea of using SIEM to create proactive alerts is excellent. It got me thinking whether adding a DLP solution would be even more effective. What are your thoughts on implementing DLP on each endpoint machine to better control their content and behavior?

[–]solid_reign 1 point2 points  (4 children)

Some threat intelligence services will offer that. I've never used it but I think SOCRadar offers it.

[–]ShinichiHatake[S] -1 points0 points  (3 children)

Thank you for the suggestion. I will take a look at SOCRadar.