Fast, Frictionless, and Secure: Explore our 120+ Connectors Portfolio | Join Webinar!
Our team was recently notified of unauthorized read-only access to Confluent’s GitHub account stemming from the recent Codecov incident (more information here). The security of our customers and their data is critically important to us, and upon learning of this Codecov breach, our security team took immediate action to assess the ramifications of this incident and implement additional security measures to limit any further impact—including engaging with an industry-leading cyber forensics team to conduct a full-scale investigation and contacting law enforcement.
Our investigation remains ongoing, but here is what we have learned so far:
With regards to the corrective measures we have taken so far, we have:
Confluent has a robust security program that includes assessing the security of our vendors, proactively scanning our source code for vulnerabilities such as hard-coded credentials, and proactive monitoring for suspicious activity in our cloud environments that helps minimize the risk of these types of incidents.
We approach matters such as this with the utmost seriousness. Regardless of what tools are involved or at fault, we ultimately hold ourselves accountable for the security of our customers and the data they entrust us with. We continue to work around the clock to gather additional information and limit the impact of this incident on our systems and our customers. We will continue to provide updates as new information becomes available.
For the very first time, Kafka Summit is coming to Bangalore on May 2, 2024, at the Sheraton Grand Bengaluru Whitefield Hotel & Convention Center. And we’re bringing everything that makes Kafka Summit, well, Kafka Summit.
This week in Las Vegas, Google is hosting their annual Google Cloud Next ʼ24 conference, bringing together leaders from across the IT industry to learn about and explore the newest innovations in and around the Google Cloud ecosystem.