PANews reported on May 18th that Grafana, an open-source data visualization tool, announced on its X platform that an unauthorized party recently obtained a token to access its Grafana Labs GitHub environment, which the threat actor used to download its codebase. The company's investigation determined that no customer data or personal information was accessed in this incident, and no impact was found on customer systems or operations. The company immediately initiated forensic analysis and believes it has identified the source of the credential breach. Grafana has now invalidated the compromised credential and implemented additional security measures.

Attackers attempted to blackmail the company, demanding a ransom to prevent the release of its codebase. Based on operational experience and the FBI's public stance (that paying a ransom does not guarantee data recovery and only incentivizes more such illegal activities), Grafana decided not to pay the ransom. As part of standard security practice, the company will share more information from its post-incident review upon completion of the investigation.