Codecov has called in law enforcement agencies after a cyber attacker breached one of its products, a tool that software developers use to test source code and help prevent bugs and syntax errors.
The San Francisco-headquartered company has also hired a third-party forensic firm to assist in its investigation on any potential impact on users. Codecov has more than 29,000 customers.
In a 15 April statement on the breach, CEO Jerrod Engelberg says the company learned on 1 April that someone had gained unauthorised access to its Bash Uploader script and modified it without permission.
Codecov immediately secured and remediated the affected script.
Its investigation has determined that from 31 January a third party made periodic, unauthorised alterations to the script, which could have allowed that party to export information stored in users’ continuous integration environments. Continuous integration allows developers to centralise the many changes to code as an application is created.
The exported information was then sent to a third-party server outside Codecov’s infrastructure.
Among the steps the company has taken in response are setting up monitoring and auditing tools to ensure a similar unintended change to Bash Uploader cannot occur again, and working with the hosting provider of the third-party server to ensure the malicious webserver was properly decommissioned.
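Pinning the digest of a fetched uploader script and refusing to run a copy that does not match is one local check that catches the kind of unauthorised modification described above. This is an added example, not Codecov's own code; the expected digest is a placeholder assumed to be filled in from a copy you have reviewed.

```shell
#!/bin/sh
# Added example (not Codecov's code): verify a downloaded uploader script
# against a pinned SHA-256 before it is allowed to run, so a script altered at
# its download location is reported and skipped rather than executed.
set -eu

# Placeholder: the digest of the script version you inspected and approved.
EXPECTED_SHA256="${EXPECTED_SHA256:-<pinned-sha256-of-reviewed-script>}"

# Print the hex SHA-256 of a file, using whichever tool the CI image provides.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_script FILE EXPECTED: return 0 when the digest matches, 1 otherwise.
# On mismatch both digests are printed so the CI log records what was served.
verify_script() {
  actual=$(sha256_of "$1")
  if [ "$actual" = "$2" ]; then
    return 0
  fi
  printf 'integrity check failed for %s\n  expected %s\n  actual   %s\n' \
    "$1" "$2" "$actual" >&2
  return 1
}

# run_verified FILE EXPECTED: execute the script only after the digest matches.
run_verified() {
  verify_script "$1" "$2" || return 1
  sh "$1"
}

# Usage in a CI step, after downloading the script to ./uploader.sh:
#   run_verified ./uploader.sh "$EXPECTED_SHA256"
```

Update the pinned digest deliberately whenever a new script version is reviewed; a CI job that fails on mismatch is the signal to inspect the served file.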
“Codecov maintains a variety of information security policies, procedures, practices, and controls. We continually monitor our network and systems for unusual activity, but Codecov, like any other company, is not immune to this type of event,” said Engelberg.
“We are also working to further enhance security so we can stay ahead of this type of activity, including reinforcing our security tools, policies and procedures … We regret any inconvenience this may cause and are committed to minimising any potential impact on you, our users and customers.”