INVESTIGATORS CODECOV 29K APRILSATTERREUTERS

I

U.S. federal investigators are investigating an intrusion into the Software auditing firm based at San Francisco Codecov which affected an unspecified portion of its 29,000 customers. Codecov stated in a statement it was looking into security breaches that could knock-on effects to other businesses.

Codecov declared in an announcement that hackers had begun to modify the software used by technology to check the code for weaknesses and errors at the time of January. 31. The intrusion was discovered at the beginning of the month after a smart user noticed that something was off in the software, Codecov said.

What the implications are of this incident are unclear. incident has drawn parallels to the recent hacking attack on Texas Software company SolarWinds (SWI.N) by believed Russian hackers, but not just because the breach could have negative consequences for many of the companies that employ Codecov and due to the duration when the software that was compromised was being used.

The company boasts on their website the presence of 29,000 clients, including the consumer goods firm Procter & Gamble Co, (PG.N) web hosting company GoDaddy Inc, (GDDY.N) The Washington Post, and Australian software company Atlassian Corporation PLC. (TEAM.O)

P&G, GoDaddy, and The Post did not immediately respond to requests for a response. Atlassian claimed they knew about the incident and were conducting an investigation.

“At this moment, we have not found any evidence that we have been impacted nor have identified signs of a compromise,” Atlassian stated in an email.

Codecov is used by “big enterprises, small companies and open source tools alike,” said Dor Atias, co-founder of the Israeli security company for Source codes Cycode.

A key reason to subvert Codecov will be “you can get a lot of data from a lot of big companies,” he said. “It’s an enormous deal. “

Codecov declared the existence of a national investigation into the issue, but the company declined to provide additional details regarding the statement.

Federal Bureau of Investigation and Department of Homeland Security’s cybersecurity division didn’t respond to a request asking for clarity on the matter last Friday.

About the author

Adeline Darrow
By Adeline Darrow

Categories

Get in touch

Content and images available on this website is supplied by contributors. As such we do not hold or accept liability for the content, views or references used. For any complaints please contact adelinedarrow@gmail.com. Use of this website signifies your agreement to our terms of use. We do our best to ensure that all information on the Website is accurate. If you find any inaccurate information on the Website please us know by sending an email to adelinedarrow@gmail.com and we will correct it, where we agree, as soon as practicable. We do not accept liability for any user-generated or user submitted content – if there are any copyright violations please notify us at adelinedarrow@gmail.com – any media used will be removed providing proof of content ownership can be provided. For any DMCA requests under the digital millennium copyright act
Please contact: adelinedarrow@gmail.com with the subject DMCA Request.