Grafana Labs, the maker of its eponymous popular open source web visualization software, confirmed it had been hacked but that it refused to pay the hackers who had threatened to release the company’s codebase.
In a series of posts on social media, the lab said its investigation found that the hackers had abused a stolen token credential that allowed access to the company’s GitLab environment, which it uses for code development. The token did not provide access to customer records or financial data, but allowed the hackers to obtain the company’s repositories of source code. The company has since invalidated the token and added additional security measures to prevent a repeat incident.
