Security News > 2021 > May > E-commerce giant suffers major data breach in Codecov incident
E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack.
Today, e-commerce giant Mercari has disclosed major impact from the Codecov supply-chain attack on its customer data.
Mercari drops Codecov entirely after month-long investigation.
Mercari became aware of the impact from the Codecov breach shortly after Codecov's initial disclosure made mid-April.
On April 23rd, GitHub also notified Mercari of suspicious activity related to the incident seen on Mercari's repositories.
Eventually, Mercari staff determined that a malicious third party had acquired and misused their authentication credentials and accessed Mercari's private repositories between April 13th and April 18th. On discovery of this attack, Mercari immediately deactivated the compromised credentials and secrets and continued investigating the full impact of the breach.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)