
"“Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations,” Grafana said in a series of posts on X."
"“Grafana also said it immediately launched a forensic analysis upon discovering the activity and that it identified the source of the leak, adding the compromised credentials have since been invalidated, and extra security measures have been implemented to secure against unauthorized access.”"
"“Furthermore, Grafana revealed the attacker tried to blackmail and extort the company, demanding they make a payment to prevent the stolen database from being published.”"
"“It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity,” the FBI states on its website."
An unauthorized party obtained a token that enabled access to Grafana’s GitHub environment and allowed downloading of the codebase. Grafana stated that no customer data or personal information was accessed and that there was no evidence of impact to customer systems or operations. Grafana launched forensic analysis after discovering the activity, identified the source of the leak, invalidated the compromised credentials, and implemented additional security measures to prevent unauthorized access. The attacker attempted to blackmail and extort Grafana by demanding payment to prevent publication of a stolen database. Grafana declined to pay, citing FBI guidance against negotiating ransoms. The incident timing was not disclosed, and no known threat actor was initially attributed, though reports linked it to CoinbaseCartel, described as a data extortion crew connected to other criminal ecosystems.
#github-security #credential-compromise #data-extortion #ransomware-guidance #forensic-investigation
Read at The Hacker News