Kafka in the Cloud: Why it’s 10x better with Confluent | Find out more
Our team was recently notified of unauthorized read-only access to Confluent’s GitHub account stemming from the recent Codecov incident (more information here). The security of our customers and their data is critically important to us, and upon learning of this Codecov breach, our security team took immediate action to assess the ramifications of this incident and implement additional security measures to limit any further impact—including engaging with an industry-leading cyber forensics team to conduct a full-scale investigation and contacting law enforcement.
Our investigation remains ongoing, but here is what we have learned so far:
With regards to the corrective measures we have taken so far, we have:
Confluent has a robust security program that includes assessing the security of our vendors, proactively scanning our source code for vulnerabilities such as hard-coded credentials, and proactive monitoring for suspicious activity in our cloud environments that helps minimize the risk of these types of incidents.
We approach matters such as this with the utmost seriousness. Regardless of what tools are involved or at fault, we ultimately hold ourselves accountable for the security of our customers and the data they entrust us with. We continue to work around the clock to gather additional information and limit the impact of this incident on our systems and our customers. We will continue to provide updates as new information becomes available.
Did you know that women make up only 28% of professionals in the tech industry? What’s more, the percentage of women in tech leadership roles is trending down in recent years. Undoubtedly, the tech industry still has a long way to go in leveling the playing field for women...
The Data Streaming Awards helps recognize and celebrate organizations that are harnessing the power of this innovative technology to transform their businesses—and provide increased value to their customers and communities.