Security News > 2021 > May > E-commerce giant suffers major data breach in Codecov incident
E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack.
Today, e-commerce giant Mercari has disclosed major impact from the Codecov supply-chain attack on its customer data.
Mercari drops Codecov entirely after month-long investigation.
Mercari became aware of the impact from the Codecov breach shortly after Codecov's initial disclosure made mid-April.
On April 23rd, GitHub also notified Mercari of suspicious activity related to the incident seen on Mercari's repositories.
Eventually, Mercari staff determined that a malicious third party had acquired and misused their authentication credentials and accessed Mercari's private repositories between April 13th and April 18th. On discovery of this attack, Mercari immediately deactivated the compromised credentials and secrets and continued investigating the full impact of the breach.
News URL
Related news
- ADT confirms data breach after customer info leaked on hacking forum (source)
- CSC ServiceWorks discloses data breach after 2023 cyberattack (source)
- How to Prevent Your First AI Data Breach (source)
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)
- Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year (source)
- Park’N Fly notifies 1 million customers of data breach (source)
- GDPR Data Breach Notification Letter (Free Download) (source)