Grafana Labs Confirms Data Breach from Supply Chain Attack Targeting TanStack

Grafana Labs confirmed that a recent data breach originated from a supply chain attack targeting TanStack. The incident involved unauthorized access to Grafana’s code repositories, though the specific timeline and technical details of the compromise were not disclosed. No CVE IDs or exact dates were provided in relation to the breach. The attack exploited a third-party dependency, highlighting risks in the software supply chain. The impact included potential exposure of proprietary code, but no customer data compromise was explicitly stated. The disclosure follows broader industry concerns about supply chain security vulnerabilities.