If I were to steal someones phone in public I will assume they have at least a bank app and multiple apps with their card saved for easy buying. By the time they get access to another device or their banks I get enough time to do a lot of damage. I can also save some credentials for later access after the waters settle. I doubt my victim will go through each of their accounts and change passwords. Most users use a Gmail account which has multiple ways to get access back, and most users don’t know how to check them and disable what they use and not use. I can easy setup a sort of backdoor in their email and gather more important information.

You never know what important information you might store in your Github account. You have a donation link in your description? Would be a pity if I would change that link to my personal bank account and just divert some fund back in your bank account to not raise suspicion.