
Post-incident review for TanStack npm supply chain ransom incident

Blog post from Grafana Labs

Post Details
Company: Grafana Labs
Date Published:
Author: Joe McManus
Word Count: 1,180
Company Posts That Month: 7
Language: English
Hacker News Points: -
Summary

In response to a supply chain ransom incident involving TanStack, Grafana Labs conducted an extensive investigation and remediation effort and confirmed that there was no unauthorized access to customer production systems and no alteration of its codebase. The incident, which began on May 11 with the Mini Shai-Hulud campaign, involved an attacker cloning repositories after an overlooked credential gave them access. Despite a ransom demand, Grafana Labs, following its own principles and FBI guidance, chose not to pay. The company engaged the cybersecurity firm Mandiant to conduct an independent audit, which corroborated Grafana's findings of no code tampering and no compromised customer systems. During the response, Grafana Labs imposed a global code freeze, carried out comprehensive audits, and expanded its security operations, while keeping its community informed. The company is continuing to harden its posture by adopting token brokers in place of long-lived credentials, fine-grained access controls, and more restrictive GitHub Actions configurations, and has committed to ongoing work on its security infrastructure.

Trends Found in this Post

Trend               Post Mentions   Total Month Mentions   Posts   Companies   MoM
Secrets Management  3               2,063                  322     117         -4%
Kubernetes          1               1,993                  294     100         +1%