Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
Grafana Labs, the maker of its eponymous popular open source web visualization software, confirmed it had been hacked but that it refused to pay the hackers who had threatened to release the company’s codebase.
In a series of posts on social media, the lab said its investigation found that the hackers had abused a stolen token credential that allowed access to the company’s GitLab environment, which it uses for code development. The token did not provide access to customer records or financial data, but allowed the hackers to obtain the company’s repositories of source code. The company has since invalidated the token and added additional security measures to prevent a repeat incident.
“The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase,” the company said.
Grafana’s code is open source and public, meaning anyone can download the software and edit its code before running it on their own machines. It’s unclear if the hackers stole any proprietary code or information. A spokesperson for the company did not immediately return a request for comment.
The incident contrasts with the recent hack at education tech giant Instructure, which last week “reached an agreement” to pay the hackers who had compromised its network twice in recent weeks. The hackers had demanded an unspecified ransom, threatening to release stolen data about staff and students who use its software following a massive data breach and a subsequent website defacement.
While in Grafana’s case, no customer data was taken, the company cited the FBI’s long-standing advice urging victims not to pay hackers, as cooperating with hackers does not guarantee that they would return stolen data or refrain from publishing it later. Critics also say paying cybercriminals helps to fund future cyberattacks.
Grafana said its investigation was ongoing and will share its findings once its probe concludes.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.
He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com.
Most Popular
Sponsor
Sponsor
Sponsor
Sponsor
Zoekertjes
Categorieën
Read More
AMC Monthly Movies Price Hike: Here's How Your Plan Is ChangingIf you're catching up to four films each week in AMC theaters with a monthly Stubs A-List membership, it might cost you a bit more to go to the movies in July. AMC Theaters is updating the price of select plans on July 15, according to its website, with existing customers experiencing the price hike on their first billing on or...
Samsung Galaxy S26 vs. Google Pixel 10: The Big Differences Between Each FlagshipSamsung announced the Galaxy S26 at its Unpacked event in February. It gave the base model a battery boost but hiked its starting price by $100 over the Galaxy S25. This comes at a time when Samsung's closest Android rival, Google, is bridging the gap between its base and Pro models. The company added a dedicated...
Oscars moving to a new home outside HollywoodThe Academy via Getty ImagesThe Oscars will leave their longtime home in the heart of Hollywood and relocate to a more central Los Angeles venue beginning in 2029 - the same year its telecast is set to move to YouTube.The globally watched Academy Awards will now be held at the Peacock Theater, a venue with greater seating capacity than its current...
I've Finally Got My Dream Camera Phone: Xiaomi's Leica Leitzphone Review Leica Leitzphone by Xiaomi Pros Stunning image quality Plethora of Leica color effects Physical ring to control camera settings Powerful processor performance Cons Very high price Battery life...
Today's Wordle Hints, Answer and Help for May 10, #1786Looking for the most recent Wordle answer? Click here for today's Wordle hints, as well as our daily answers and hints for The New York Times Mini Crossword, Connections, Connections: Sports Edition and Strands puzzles. Today's Wordle puzzle is a familiar word, but with a repeated letter, that could trip you up. If you need...
