Grafana says stolen GitHub token allowed attackers to download its codebase
Grafana Labs reported that hackers accessed its source code using a stolen GitHub access token. The attackers, part of a group called CoinbaseCartel, attempted to extort the company but Grafana chose not to pay the ransom. The company confirmed that no customer data was compromised and has implemented additional security measures.
- ▪Grafana Labs disclosed a breach of its GitHub environment due to a stolen access token.
- ▪The CoinbaseCartel claimed responsibility for the attack but no data has been leaked yet.
- ▪Grafana decided not to pay the ransom, following FBI guidance, and stated that customer data remained secure.
Opening excerpt (first ~120 words) tap to expand
Grafana says stolen GitHub token let hackers steal codebase By Bill Toulas May 18, 2026 09:46 AM 0 Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. A relatively new extortion gang known as CoinbaseCartel has claimed the attack by adding Grafana to their data leak site (DLS), although no data has been leaked yet. Grafana Labs is the company behind Grafana, the popular open-source platform for analytics, monitoring, and real-time data visualization. Paying customers are primarily large enterprises, cloud providers, telecos, banks, governments, e-commerce platforms, and infrastructure operators. According to Grafana, more than 7,000 organizations use the product, including 70% of the Fortune 50 companies.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at BleepingComputer.
Discussion
0 commentsMore from BleepingComputer
