Apify incident

Security Incident Notification – March 6, 2026

Notice Resolved View vendor source →
Started
Mar 11, 2026, 12:48 PM UTC
Resolved
Mar 12, 2026, 09:34 AM UTC
Duration
20h 46m
Detected by Pingoru
Mar 11, 2026, 12:48 PM UTC

Affected components

General

Update timeline

  1. monitoring Mar 11, 2026, 12:48 PM UTC

    We are informing you about a security incident that occurred on March 6, 2026. Based on our investigation to date, there is no indication that any customer data was affected or compromised. However, we want to share the information we have with you as part of our ongoing commitment to transparency. What happened At approximately 21:52 UTC on March 6, 2026, we detected that the GitHub account of one of our employees had been compromised as part of a broader, known malware campaign. The attacker used this access to inject malicious code into multiple branches across our GitHub repositories via force-pushed commits. Thanks to branch protection rules in place on our repositories, no changes were merged into any default or protected branches. How we responded Upon detection, we immediately suspended the affected account and blocked all associated access across our internal systems. Our engineering team then identified all affected branches and reverted every malicious commit. Full cleanup was completed by approximately 00:32 UTC on March 7, 2026. What we have investigated We have since conducted a thorough review of our GitHub audit logs, AWS CloudTrail logs, Google Workspace logs, and all other important resources. All activity reviewed was consistent with expected patterns — no unauthorized access, no suspicious logins, and no signs of data exfiltration were identified beyond the GitHub repository commits, which have been fully reverted. Despite no signs of malicious access, we also completed the rotation of secrets and the scan of all working machines used by Apify employees. Impact on your data Based on our investigation to date, there is no evidence that any customer data was accessed or affected by this incident. The attack was limited to source code repository branches, all of which were protected and have been restored. We take the security of your data seriously and will continue analyzing the impact of the issue and monitoring for any further indicators of compromise. We will provide an update if our ongoing investigation reveals any new findings. Please don't hesitate to reach out to [email protected] if you have any questions. Sincerely, The Apify security team

  2. resolved Mar 12, 2026, 09:34 AM UTC

    This incident has been resolved.

Looking to track Apify downtime and outages?

Pingoru polls Apify's status page every 5 minutes and alerts you the moment it reports an issue — before your customers do.

  • Real-time alerts when Apify reports an incident
  • Email, Slack, Discord, Microsoft Teams, and webhook notifications
  • Track Apify alongside 5,000+ providers in one dashboard
  • Component-level filtering
  • Notification groups + maintenance calendar
Start monitoring Apify for free

5 free monitors · No credit card required