Grafana Labs disclosed on May 18 that attackers had gained access to its GitHub environment and downloaded its full codebase. The root cause, confirmed shortly after, was a supply chain compromise of the TanStack npm package by a group identified as TeamPCP. The malicious package was detected on May 11 and had also been used to breach GitHub directly and to attack OpenAI and Mistral AI in the same campaign.
The mechanism followed the pattern now well-established in developer supply chain attacks: a widely trusted open-source package was tampered with, workflow automation tokens exposed during the compromise were harvested, and those tokens were used to authenticate against private repositories. Grafana had rotated most of its tokens when the TanStack compromise became known, but one token was missed, and that was sufficient for the attackers to access and exfiltrate the repositories.
Grafana received an extortion demand on May 16, threatening to release the stolen code unless a ransom was paid. The company declined. Its reasoning aligns with the FBI’s formal position: paying does not guarantee deletion of the stolen data, it funds further criminal operations, and there is no enforceable mechanism to verify compliance. Grafana’s investigation confirmed that no customer production systems, no Grafana Cloud infrastructure, and no customer data were affected. The breach was limited to the GitHub environment.
The response after discovery was fast and methodical: automation tokens were rotated across the board, commit histories were audited, monitoring was enhanced, and GitHub security posture was significantly hardened. The company has been transparent about the timeline and the decision not to pay.
What makes this incident instructive is not the outcome but the path there. Grafana Labs is a sophisticated engineering organisation maintaining widely-used open-source monitoring software. Its developers work with npm packages daily, have security processes in place, and operate at a scale that demands mature tooling. The initial compromise vector was not a misconfiguration of their own systems but a package their tooling depended on. One missed token was the gap between a contained incident and a full codebase exfiltration.
The broader campaign hit multiple high-profile targets simultaneously, which suggests that the attackers had mapped the dependency graph of popular npm packages before triggering the compromise. That approach scales. The attacker’s investment in poisoning a single upstream package was multiplied across every organisation that depended on it.
Software teams that have not audited their CI/CD token scopes, their npm dependency exposure, and their GitHub Actions permission models in the past twelve months are carrying risk they may not be able to quantify. The combination of broad token permissions and transitive npm dependencies is a structural problem that doesn’t resolve itself.
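One concrete starting point for the audit described above is to check each workflow's effective token scope and whether the actions it pulls in are pinned. The following is an added example written for this article, not Grafana's tooling or anything from the incident: it assumes the workflow file has already been loaded into a dict by a YAML parser (such as PyYAML), and the sample workflow, the hypothetical `audit_workflow` helper and the placeholder commit SHA are all constructed for illustration.

```python
import re
from typing import Any, Dict, List

# Matches "owner/repo@<40-hex-char commit SHA>", i.e. an action pinned to an
# immutable commit rather than a movable tag or branch name.
SHA_PIN = re.compile(r"^[^@]+@[0-9a-f]{40}$")

def _perm_findings(perms: Any, where: str) -> List[str]:
    """Describe the automation-token scope in effect at `where`."""
    if perms is None:
        return [f"{where}: no explicit permissions block; token inherits repository default"]
    if perms == "write-all":
        return [f"{where}: permissions: write-all grants every scope"]
    if isinstance(perms, dict):
        write_scopes = sorted(k for k, v in perms.items() if v == "write")
        if write_scopes:
            return [f"{where}: write granted on {', '.join(write_scopes)}"]
    return []

def audit_workflow(wf: Dict[str, Any]) -> List[str]:
    """Return findings for token scope and unpinned actions, one string each."""
    findings: List[str] = []
    top_level = wf.get("permissions")  # None when the workflow sets nothing
    for job_name, job in (wf.get("jobs") or {}).items():
        # A job-level block overrides the workflow-level one; otherwise it is inherited.
        effective = job.get("permissions", top_level)
        findings += _perm_findings(effective, f"job {job_name}")
        for step in job.get("steps") or []:
            uses = step.get("uses")
            if uses and not uses.startswith("./") and not SHA_PIN.match(uses):
                findings.append(f"job {job_name}: action {uses!r} is not pinned to a commit SHA")
    return findings

# Constructed sample workflow (already parsed from YAML); not from any real repository.
PLACEHOLDER_SHA = "a" * 40
SAMPLE_WORKFLOW = {
    "name": "ci",
    "on": ["push", "pull_request"],
    "jobs": {
        "build": {
            "runs-on": "ubuntu-latest",
            "steps": [{"uses": "actions/checkout@v4"}, {"run": "npm ci && npm test"}],
        },
        "publish": {
            "runs-on": "ubuntu-latest",
            "permissions": {"contents": "read", "packages": "write"},
            "steps": [{"uses": f"actions/checkout@{PLACEHOLDER_SHA}"}, {"run": "npm publish"}],
        },
    },
}

if __name__ == "__main__":
    for line in audit_workflow(SAMPLE_WORKFLOW):
        print(line)
```

Running it over a real checkout means looping over `.github/workflows/*.yml` and feeding each parsed file to `audit_workflow`; the report lists every job whose token scope was never written down explicitly, which is exactly the kind of inherited, forgotten credential the article describes.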
If you want an honest assessment of your development pipeline’s exposure to supply chain compromise, contact Excello Digital. We will review your token hygiene, dependency surface, and CI/CD configuration and give you a clear picture of where you stand.
