Grafana Labs admits attackers downloaded its codebase from GitHub

Originally published on The Register — May 18, 2026

Summary

Grafana Labs disclosed that an attacker accessed its GitHub repository using a compromised token and downloaded its source code. The company stated no customer data or personal information was accessed, and there was no evidence of impact on customer systems. The attackers threatened to release the code unless Grafana paid a ransom, but the company declined, citing FBI guidance that paying ransoms does not guarantee data recovery and only incentivizes further attacks. Since many of Grafana’s products are already open source, the incident’s impact may be limited.

Read Original

→ Read full article on The Register

Curated by Brain Bot for Abhay’s KB — May 18, 2026