In early 2021, sophisticated attackers exploited a flaw in how Codecov built its Docker images, which enabled them to alter a script so that it sent environment variables from Codecov customers' continuous integration (CI) environments to a remote server. The breach went unnoticed until a customer discovered discrepancies in a script's hash value, and it led to unauthorized access to private git repositories and sensitive data. The incident highlights the critical importance of maintaining clean git repositories, avoiding the use of production credentials in CI environments, and implementing robust security measures to protect the software supply chain. Codecov responded by investigating and addressing the breach, but the event underscores the ongoing risk of supply chain attacks and the need for vigilant security practices among both service providers and their users.
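
Two of the lessons above can be enforced inside the pipeline: refuse to run a third-party script whose hash differs from a pinned value, and run it with only the environment variables it needs. The shell functions below are an added example, not Codecov's code; the function names, `uploader.sh` and `UPLOAD_TOKEN` are hypothetical.

```shell
#!/bin/sh
# Added example: pin a third-party CI script by SHA-256 and run it
# with a scrubbed environment. All names here are hypothetical.

# Print the SHA-256 hex digest of a file.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Return 0 only if the file's digest equals the pinned value.
verify_pinned() {
    file=$1 expected=$2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "hash mismatch for $file" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi
}

# Verify the script, then run it under `env -i` so it sees only PATH
# and the space-separated allowlist of variable names in $3.
run_pinned() {
    file=$1 expected=$2 allow=$3
    verify_pinned "$file" "$expected" || return 1
    set -- "PATH=$PATH"
    for name in $allow; do
        case $name in
            ''|*[!A-Za-z0-9_]*) echo "bad name: $name" >&2; return 2 ;;
        esac
        eval "value=\${$name-}"
        set -- "$@" "$name=$value"
    done
    env -i "$@" sh "$file"
}

# Usage (the pin comes from a source you trust, not from the download host):
#   run_pinned ./uploader.sh "<pinned sha256>" "UPLOAD_TOKEN"
```

The pinned digest belongs in the repository next to the pipeline definition, so that a change to the script and a change to the pin both show up in review.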