Cyberattack: Attackers copy Grafana source code
Grafana Labs experienced an IT security incident. Attackers were able to copy internal data. They are now demanding ransom.
(Image: heise online / dmk)
Grafana Labs has become the victim of a cyberattack. Attackers gained access to Grafana's source code. However, the developers do not intend to pay the demanded ransom.
Grafana is an open-source application for analyzing, monitoring, and visualizing real-time data from various sources in IT environments. The tool is used worldwide by large companies, including those on the Fortune 50 list.
The Attack
Grafana Labs reports on the incident on X. According to the statement, the attackers from CoinbaseCartel gained access to the tool's GitHub environment using stolen credentials and accessed data there. Grafana Labs does not currently explain how the attackers obtained the GitHub token. They state that they know the source internally and have now revoked the credentials. Additionally, they have implemented further security measures.
Videos by heise
The developers assure that, to their current knowledge, no customer data or personal employee data has been affected by the incident. Grafana Labs states that it will not pay any ransom. In doing so, they follow the official recommendation of the FBI. After all, payment does not guarantee that the criminals will “return” the data. Furthermore, it sets a precedent for other companies that are victims of such cyberattacks if they do not pay the ransom and thus do not line the pockets of the criminals.
Once the investigation of the IT systems is complete, the Grafana developers plan to release further details about the incident. It is currently unclear when this will happen.
(des)
