Security News > 2021 > May > E-commerce giant suffers major data breach in Codecov incident
E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack.
Today, e-commerce giant Mercari has disclosed major impact from the Codecov supply-chain attack on its customer data.
Mercari drops Codecov entirely after month-long investigation.
Mercari became aware of the impact from the Codecov breach shortly after Codecov's initial disclosure made mid-April.
On April 23rd, GitHub also notified Mercari of suspicious activity related to the incident seen on Mercari's repositories.
Eventually, Mercari staff determined that a malicious third party had acquired and misused their authentication credentials and accessed Mercari's private repositories between April 13th and April 18th. On discovery of this attack, Mercari immediately deactivated the compromised credentials and secrets and continued investigating the full impact of the breach.
News URL
Related news
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)
- Pennsylvania education union data breach hit 500,000 people (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)