Grafana Labs, the company behind the widely used open-source observability platform Grafana, confirmed that hackers gained unauthorized access to its systems and stole portions of its codebase. The attackers reportedly threatened to publish the stolen source code unless the company agreed to pay a ransom.
According to Grafana Labs, the breach occurred after hackers obtained a stolen token credential that provided access to the company’s GitHub environment, where its source code is stored. The company stated that the compromised token has since been invalidated and additional security protections have been implemented to strengthen its systems against future attacks.
Grafana Labs emphasized that no customer records, financial information, or personal data were accessed during the incident. The company also said there is currently “no evidence of impact to customer systems or operations.”
In its public statement, Grafana Labs said, “The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase,” but confirmed that it would not comply with the ransom demand.
Since Grafana itself is largely open-source software, much of its code is already publicly accessible. However, reports suggest the hackers may have also obtained proprietary or enterprise-related code that is not publicly available. The company has not disclosed the exact scope of the stolen information as investigations remain ongoing.
The incident highlights the increasing number of cyberattacks targeting technology companies and software infrastructure providers. Cybersecurity experts have continued warning that stolen credentials and compromised development environments are becoming a major attack vector across the tech industry.
