GRAFANA REJECTS RANSOM AFTER GITHUB BREACH

An unauthorized party obtained a token granting access to Grafana's GitHub environment, enabling them to download the company's source code. The attackers subsequently demanded a ransom in exchange for not releasing the codebase publicly. Grafana refused to pay the ransom. The company did not disclose the ransom amount or provide details about the attackers' identity. This incident highlights ongoing risks to software development infrastructure, even among established technology companies. GitHub tokens remain a high-value target for threat actors seeking to compromise codebases and intellectual property. Grafana has not announced whether the codebase was subsequently released or if the stolen code poses security risks to its users. The company has not detailed what steps it took in response to the breach beyond rejecting the ransom demand.