GRAFANA confirmed that unauthorized access to its GitHub repositories was a result of the TanStack supply chain attack, which took place on May 11.
Key points include:\n- Malicious activity detected led to the rotation of GitHub workflow tokens, but one was not revoked, resulting in data theft. \n- Grafana received a ransom demand on May 16 but refused to pay, enhancing its security measures and notifying law enforcement. \n- Although the codebase was stolen, it was not modified or used in any production systems, and no
action is needed from users. \n- The incident is isolated to GitHub repositories and has not impacted Grafana’s operational systems or the Grafana Cloud platform.