Open source tools maker Grafana Labs says hackers stole its code and refuses to pay ransom

Grafana Labs, the maker of the popular open-source web visualization software of the same name, confirmed it had been hacked but refused to pay the hackers who had threatened to release the company’s codebase.

In a series of posts on social media, the lab said its investigation found hackers had misused a stolen token credential that allowed access to the company’s GitHub environment, which it uses to store source code, but the token did not allow access to customer files or financial data. The company has since canceled the token and added additional security measures to prevent a repeat incident.

“The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase,” the company said.

Grafana’s code is open source and public, meaning anyone can download the software and edit its code before running it on their own machines. It is unclear whether the hackers stole proprietary code or information. A company representative did not immediately return a request for comment.

The incident contrasts with the recent hack at education tech giant Instructure, which last week “reached an agreement” to pay hackers who had breached its network twice in recent weeks. The hackers had demanded an unspecified ransom, threatening to release stolen data about staff and students using its software after a massive data breach and subsequent defacement of the website.

While in Grafana’s case, no customer data was obtained, the company cited long-standing FBI advice urging victims not to pay hackers, as cooperating with them does not guarantee they will return stolen data or refrain from publishing it later. Critics also say that paying cybercriminals helps fund future cyberattacks.

Grafana said its investigation was ongoing and would share its findings once its investigation was complete.

This story has been updated to correct that hackers breached access to Grafana’s GitHub environment.