Data breach at Codecov
After an investigation, the company Codecov, which offers an online platform for code testing, has confirmed a data breach via a supply chain attack affecting its Bash Uploader script.
The incident, which has been active since 31 January, was detected on 1 April. A cybercriminal gained unauthorised access to the script, modifying it without permission, allowing to exfiltrate and send the information stored in shared environments with users to an external third party server.
Following the incident and after having reported it to the relevant authorities, Codecov repaired the script and took actions such as rotating credentials, auditing the source of the cause, implementing monitoring tools and decommissioning the malicious web server.
References:
- 15/04/2021 about.codecov.io Bash Uploader Security Update
- 15/04/2021 securityweek.com Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack
- 17/04/2021 reuters.com US investigators probing breach at code testing company Codecov
- 17/04/2021 gizmodo.com U.S. Federal Investigators Are Reportedly Looking Into Codecov Security Breach, Undetected for Months
- 19/04/2021 unaaldia.hispasec.com Brecha de seguridad afecta a Codecov