Codecov Hackers Accessed Source Code

Share post:

Online workflow management platform, said it found that unauthorized actors had gained access to a read-only copy of their source code after investigating the Codecov breach and its impact on the organization.

In the F-1 form filed this week with the U.S. Securities and Exchange Commission, the company also stated that there was no evidence that the source code was tampered with by the attackers or that any of the company’s products were affected by the breach.

The company added: “The attacker did access a file containing a list of certain URLs pointing to publicly broadcasted customer forms and views hosted on our platform and we have contacted the relevant customers to inform them how to regenerate these URLs.”

Prior to this week’s release, the company, which is also a Codecov customer, said it had to remove Codecov’s access to its environment and stop using the service completely after the Codecov supply chain attack was discovered.

The company’s security team said: “Upon learning of this issue, we took immediate mitigation steps, including revoking Codecov access, discontinuing our use of Codecov’s service, rotating keys for all of’s production and development environments, and retaining leading cybersecurity forensic experts to assist with our investigation.”

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways