"Observability outfit Grafana Labs has revealed that an attacker accessed its GitHub repository and stole its codebase. In social media posts the company blamed the situation on an "unauthorized party" who was somehow able to obtain a token that offered access to its GitHub environment. The company thinks it has identified the source of the credential leak, and therefore "invalidated the compromised credentials and implemented additional security measures to further secure our environment against unauthorized access.""
"But that didn't stop the attacker from threatening to release the company's code unless Grafana paid a ransom. Grafana says it won't pay. "Based on our operational experience and the published stance of the Federal Bureau of Investigation, which notes that 'paying a ransom doesn't guarantee you or your organization will get any data back' and only 'offers an incentive for others to get involved in this type of illegal activity,' we have determined the appropriate path forward is to not pay the ransom," the company wrote."
"It's not clear if that stance is entirely principled, because plenty of Grafana's products are already open source. The company's posts suggest that the attacker accessed code that is not freely available. The Register has sought clarification about just what the attacker accessed, because if they lifted code that's mostly already open source there's little reason for Grafana to pay a ransom!"
"Grafana's decision not to pay may also be easier than it is for other victims of cybercrime because the company says it "determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations." The company therefore appears confident that whatever code the attackers downloaded won't make a material different to its business, or ha"
An attacker accessed Grafana Labs’ GitHub repository and stole its codebase. Grafana attributed the incident to an unauthorized party that obtained a token granting access to its GitHub environment. Grafana identified the source of the credential leak, invalidated the compromised credentials, and implemented additional security measures. After the theft, the attacker threatened to release Grafana’s code unless a ransom was paid. Grafana stated it would not pay, citing operational experience and the FBI stance that paying a ransom does not guarantee data recovery and incentivizes further criminal activity. Grafana also reported that no customer data or personal information was accessed and found no evidence of impact to customer systems or operations.
Read at theregister
Unable to calculate read time
Collection
[
|
...
]