Codecov said that attackers exploited a flaw in a Docker image creation process to make “periodic, unauthorized” changes to the company’s Bash Uploader script starting on January 31st. The modifications gave the hackers power to export customer info and send it to an outside server. However, Codecov only learned of the incident on April 1st. The team refreshed its internal sign-ins, set up auditing and monitoring systems and had the hosting provider shut down the server, but it wasn’t certain how many customers had been affected.
A spokesperson for Codecov declined to comment on the incident beyond the statement confirming federal involvement. Atlassian said it hadn’t seen evidence it was affected, but Procter & Gamble and other companies hadn’t initially responded to Reuters’ requests for comment.
The concern, as you might imagine, is that the perpetrators might have obtained sensitive data from Codecov’s customers without giving them a chance to respond or notify their own users. It could be a minor incident if the attackers didn’t use the flaw, but it could also represent a crisis if there were any successful thefts.
https://www.engadget.com/us-investigates-codecov-hack-215506985.html