GovInfoSecurity
Compliance
DougOlenick) • April 16, 2021 Get Permission
Codecov, a company that tests software code prior to release, has notified customers that attackers had access to its network for a month and placed malware in one of its systems, which may have led to the exfiltration of customers information.
The company says it learned from a customer on April 1 that attackers had gained access to its Docker image creation process and extracted the credentials needed to access and modify the company s Bash Uploader and other internal systems. An investigation determined the attackers routinely accessed the company s network for about a month. Our investigation has determined that beginning Jan. 31, 2021, there were periodic, unauthorized alterations of our Bash Uploader script by a third party, which enabled them to potentially export information stored in our users continuous integr