Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft

Grafana disclosed that an unauthorized party used a compromised GitHub access token to download portions of its codebase and then attempted to extort the company; Grafana revoked the token, implemented additional controls, found no evidence of customer data or operational impact, and reporting has tied the incident to a data-extortion group known as CoinbaseCartel while a full investigation continues.