A recent breach has raised fears of yet another SolarWinds-type hack that could have ramifications for many large companies. Reuters reports that federal officials are investigating a hack at Codecov, a code testing company with 29,000 customers, including Proctor & Gamble, the Washington post and tech companies like Atlassian and GoDaddy. The intrusion appears to have lasted for months, putting customers at risk.
Codecov said attackers exploited a flaw in a Docker imaging process to make “periodic and unauthorized” changes to the company’s Bash Uploader script starting January 31. The changes gave hackers the power to export client information and send it to an outside server. However, Codecov did not learn of the incident until April 1. The team updated their internal connections, set up auditing and monitoring systems, and asked the hosting provider to shut down the server, but they were unsure how many customers were affected.
A Codecov spokesperson declined to comment on the incident beyond the statement confirming federal involvement. Atlassian said he had not seen evidence he was affected, but Procter & Gamble and other companies did not initially respond. Reuters requests for comments.
The problem, as you can imagine, is that the authors could have obtained sensitive data from Codecov customers without giving them the ability to respond or inform their own users. This could be a minor incident if the attackers did not use the loophole, but it could also represent a crisis if there were successful robberies.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through any of these links, we may earn an affiliate commission.