US investigates code test hack that could affect thousands of companies

A recent breach has raised fears of another SolarWinds-style attack with consequences for many large companies. Reuters reports that federal officials are investigating a hack at Codecov, a code testing firm whose 29,000 customers include Procter & Gamble, the Washington Post and technology companies such as Atlassian and GoDaddy. The intrusion appears to have lasted for months, putting customers at risk.

Codecov said attackers exploited an error in a Docker image creation process to make “periodic, unauthorized” changes to the company’s Bash Uploader script starting January 31st. The modifications gave the attackers the ability to export customer information and send it to an external server. However, Codecov only learned of the incident on April 1. The team rotated its internal credentials, set up audit and monitoring systems, and had the external server shut down, but it was not sure how many customers were affected.
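As an added defensive example that is not from the article or from Codecov, the shell helper below shows the check a CI job can apply before running a fetched uploader script: the script only executes when its SHA-256 digest matches a value pinned in the repository, so a tampered copy fails the build instead of running with the job's secrets. The URL, file names and pinned digest are assumptions.

```shell
#!/bin/sh
# Added example, not Codecov's own tooling: refuse to execute a downloaded
# uploader script unless its SHA-256 digest matches a value pinned in the
# repository. File names, URL and the pinned digest are assumptions.

# Print the SHA-256 hex digest of FILE (sha256sum on Linux, shasum elsewhere).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_script FILE EXPECTED_DIGEST: succeed only when the digest matches.
verify_script() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# run_verified_script FILE EXPECTED_DIGEST [ARGS...]
# Returns 1 without running anything on mismatch; otherwise returns the
# script's own exit status. A modified script therefore fails the build
# instead of running with access to the job's credentials.
run_verified_script() {
    file="$1"; expected="$2"; shift 2
    if ! verify_script "$file" "$expected"; then
        echo "refusing to run $file: SHA-256 does not match pinned digest" >&2
        return 1
    fi
    sh "$file" "$@"
}

# fetch_and_run URL EXPECTED_DIGEST [ARGS...]
# Download to a temporary file first so the check and the execution see the
# same bytes; the digest lives in the repo, not on the download host.
fetch_and_run() {
    url="$1"; expected="$2"; shift 2
    tmp=$(mktemp) || return 2
    if ! curl -fsSL "$url" -o "$tmp"; then
        rm -f "$tmp"; return 2
    fi
    run_verified_script "$tmp" "$expected" "$@"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Typical CI usage (placeholder values):
# fetch_and_run "https://example.invalid/uploader.sh" "<pinned sha256>" -t "$TOKEN"
```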

A Codecov spokesperson declined to comment on the incident beyond the statement confirming federal involvement. Atlassian said it had not yet seen evidence that it was affected, while Procter & Gamble and other companies did not initially respond to Reuters’ requests for comment.

The concern, as you might expect, is that the attackers may have obtained sensitive data from Codecov’s customers without giving them a chance to respond or to notify their own users. It could be a minor incident if the attackers did not take advantage of the flaw, but it could also become a crisis if there were successful thefts.
