Codecov Hackers Accessed Source Code

Share post:

Online workflow management platform, said it found that unauthorized actors had gained access to a read-only copy of their source code after investigating the Codecov breach and its impact on the organization.

In the F-1 form filed this week with the U.S. Securities and Exchange Commission, the company also stated that there was no evidence that the source code was tampered with by the attackers or that any of the company’s products were affected by the breach.

The company added: “The attacker did access a file containing a list of certain URLs pointing to publicly broadcasted customer forms and views hosted on our platform and we have contacted the relevant customers to inform them how to regenerate these URLs.”

Prior to this week’s release, the company, which is also a Codecov customer, said it had to remove Codecov’s access to its environment and stop using the service completely after the Codecov supply chain attack was discovered.

The company’s security team said: “Upon learning of this issue, we took immediate mitigation steps, including revoking Codecov access, discontinuing our use of Codecov’s service, rotating keys for all of’s production and development environments, and retaining leading cybersecurity forensic experts to assist with our investigation.”

For more information, read the original story in Bleeping Computer.


Related articles

CrowdStrike update causes global IT outages, fix is available

Some airlines, banks and government services around the world have been affected by a faulty software update for...

Charges dismissed in SolarWinds hacking case

A judge has dismissed most of the Securities and Exchange Commission's (SEC) fraud charges against SolarWinds related to...

Canadian is among foreign nationals pleading guilty to involvement with Lockbit ransomware

Two foreign nationals have pleaded guilty in the US District of New Jersey to their involvement in the...

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways