Rapid7 has disclosed that many source code repositories were breached as part of a security breach linked to the supply-chain intrusion that recently affected Codecov code coverage tool users.
These repositories included some internal passwords, all of which had been cycled, as well as alert-related data for a small number of our MDR clients. No other business databases or development environments were accessed, and no unauthorised changes to these repositories were made.