
Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident

Blog post from Grafana Labs

Post Details
Company:
Date Published:
Author: Joe McManus
Word Count: 659
Company Posts That Month: 8
Language: English
Hacker News Points: -
Summary

On May 16, 2026, Grafana Labs confirmed that a cybercrime group had gained unauthorized access to their GitHub repositories, downloading their codebase and issuing a ransom demand under the threat of data disclosure. The incident, originating from a TanStack npm supply chain attack, was detected on May 11, prompting immediate incident response actions, including rotation of GitHub workflow tokens and increased monitoring. Grafana Labs decided against paying the ransom, aligning with the FBI's stance on such matters, and notified federal law enforcement while enhancing their GitHub security measures. The investigation has thus far revealed no compromise of customer production systems or operations, and the incident was confined to the GitHub environment. Grafana Labs emphasizes transparency and trust, assuring users that the codebase remains unaltered and no customer action is required. They are focused on ongoing investigations and implementing stronger security controls to protect their CI/CD pipelines and prevent future incidents.
