Hackers access GitHub, download codebase in Grafana Labs breach

The hackers have since demanded a ransom payment from Grafana Labs to prevent the release of its codebase.

US software company Grafana Labs has confirmed a breach in which hackers gained access to the organisation’s GitHub system after stealing a private token and downloaded the company’s codebase.

A provider of an open-source and visualisation web app with 25m users and more than 7,000 customers, including Anthropic, Bloomberg, Nvidia, Microsoft and Salesforce, Grafana Labs has a presence in more than 40 countries.

In a statement posted on LinkedIn, Grafana Labs said, “Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations.

“We immediately initiated forensic analysis and we believe we’ve identified the source of the credential leak. We have since invalidated the compromised credentials and implemented additional security measures to further secure our environment against unauthorised access.”

Hackers access GitHub, download codebase in Grafana Labs breach

Other newsrooms on this story

Related reading

Grafana says stolen GitHub token let hackers steal codebase

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay…

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Grafana Labs admits all its codebase are belong to someone who popped its…

Grafana Labs Is Cleaning Up On The Vibe Coding Boom

Trellix Confirms Source Code Breach With Unauthorized Repository Access