Do they have closed source stuff or what? They didnt touch on this aspect in the article at all. Why is source code leaking a concern for an open source project?
Grafana has open source projects, but they also have tons of closed source software. I would describe them more as open core
Open core was how Grafana employees described it to me during their interview process.
They’ll have lost the source code for all the enterprise plugins (SAP, Salesforce, etc etc) they have, all the infrastructure as code and provisioning code to run their software in Grafana Cloud, all their closed source code for apps like IRM that were never open source, and probably a load of expensive source code they acquired through partnerships with companies like warpstream.
So yeah probably a six or seven figure loss. In particular the IaC means the attackers can spend tokens to find possible cloud vulnerabilities that will allow them to attack the cloud product, maybe even steal customer data.
“Journalism”
OpenSearch is a FOSS alternative
