Grafana Labs said hackers downloaded its source code after compromising its GitHub environment with a stolen access token, but no customer data or personal information was exposed. The extortion group CoinbaseCartel claimed responsibility and tried to pressure Grafana into paying, while the company refused and followed FBI guidance. #GrafanaLabs #GitHub #CoinbaseCartel #FBI
Keypoints
- Grafana Labs confirmed a breach of its GitHub environment.
- Attackers used a stolen access token to download source code.
- The company found no evidence of customer data or personal information exposure.
- CoinbaseCartel claimed the attack and listed Grafana on its leak site.
- Grafana refused to pay the ransom and reset compromised credentials.