Grafana has confirmed that hackers stole its codebase and internal business data through the TanStack supply chain attack after failing to revoke one GitHub workflow token. The company detected the breach on May 11th, received a ransom demand five days later which it refused to pay, and says no customer production systems or the Grafana Cloud platform were affected. While the attackers accessed public and private source code plus internal repositories containing business contact information, Grafana emphasizes the code was not modified and no action is required from customers or open source users.