Attackers accessed, downloaded code from Grafana Labs’ GitHub

Grafana Labs disclosed that an attacker accessed its GitHub environment and downloaded portions of the company’s codebase, including proprietary components; the attackers threatened to publish the stolen code unless paid, a claim the extortion group known as "Coinbase Cartel" asserted. Grafana reported no evidence of customer data exposure or impact to customer systems, invalidated compromised credentials, has launched forensic analysis, and has declined to pay the ransom.