Update: Our internal investigation is complete and confirms our initial findings — there was no unauthorized access to customer production systems or Grafana Cloud.
We’ve engaged Mandiant to conduct an additional audit, and we’ll share information from our PIR in the coming weeks.
Grafana
⚠️ On May 16, 2026, we confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase.
Here is the latest update about our investigations.
Grafana Labs confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase. Here is the latest update about our investigation...
