Grafana Labs internal source code accessed

non-twitter link https://xcancel.com/grafana/status/2055827123236171827#m

Quote: “ The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase. ...we’ve determined the appropriate path forward is to not pay the ransom.”

aren't they just psql tho? well, i guess we will find out soon.

Their whole repo had been made public !!!!

https://github.com/grafana/grafana

/s

>We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase.

I don't much like the securityese dialect of bureaucratese, but should this be "We recently discovered that a threat actor obtained a token with access to the Grafana Labs GitHub environment, enabling the unauthorized party to download our codebase" ?