Key Findings Unauthorized party obtained a GitHub token granting access to Grafana's environment and downloaded company source code Attacker demanded ransom to prevent stolen code from being published; Grafana refused to pay No customer data, personal information, or impact to customer systems was identified CoinbaseCartel, a data extortion group that emerged in September 2025, has claimed responsibility Grafana invalidated compromised credentials and implemented additional s