News and Updates on Information Technology

United States – Codecov

Exploit: Third Party Data Breach

Codecov: Software and Cloud Developer

cybersecurity news gauge indicating extreme riskRisk to Business: 1.337 = Extreme

Codecov is facing a mess after a threat actor managed to breach its platform and add a credentials harvester to one of its tools, Bash Uploader  Codecov said the breach occurred “because of an error in Codecov’s Docker image creation process that allowed the actor to extract the credential required to modify our Bash Uploader script.” The attacker gained access to the Bash Uploader script sometime in 01/21 and made periodic changes to add malicious code that would intercept uploads and scan and collect any sensitive information like credentials, tokens, or keys. Unfortunately, the bad guys had 2.5 months to run wild – the breach wasn’t discovered until 04/01. The damage isn’tlimited to only to clients who used the Bash Uploader script, either. Because the script is also embedded in other products, a large chunk of the company’s customers may be affected.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Not only did Codecov fall victim to a cyberattack that adulterated its product, it didn’t find out for 2.5 months. Not a good look.