2 min read

LAPSUS$ hacks Globant. 70GB of data leaked from IT firm

Graham CLULEY

April 01, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
LAPSUS$ hacks Globant. 70GB of data leaked from IT firm

International IT and software development firm Globant has confirmed that an increasingly-notorious cybercrime gang breached its network and stole intellectual property and passwords.

Earlier this week the LAPSUS$ group returned from what it called a "vacation" (it was unclear whether or not their temporary online disappearance was related to a series of arrests British police had made) with a screenshot on its Telegram group of what appeared to be 73GB of data stolen from Globant.

Some of the folders in the screenshot appeared to be related to source code for the likes of Facebook, C-Span, Fortune, DHL, and BNP Paribas.

A subsequent press release issued by Globant confirmed that "a limited section of our company's code repository has been subject to unauthorized access."

In the terse press release, the firm went on to say that "to date" it had not found any evidence that other areas of its infrastructure or those of its clients had been affected.

LAPSUS$ however was being rather more voluble in its communications, using its Telegram group to share a link to the data in the form of a downloadable torrent file.

In addition, the hacking group described Globant's security practices as "poor," sharing a number of the company's admin passwords (redacted in the screenshot below).

Researchers who have examined the leaked data have expressed concern that the code contains a large number of private keys that could be exploited in future attacks.

The LAPSUS$ group, which is thought to consist largely of computer-savvy teenagers, has become notorious for a wave of attacks that have impacted large tech firms including Microsoft, NVIDIA, Ubisoft, Samsung, and Okta.

Clearly, the group's actions have caught the attention of law enforcement agencies with the recent arrests in the UK coinciding with a request from the FBI for the public to help identify members of the group.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns
Vlad CONSTANTINESCU

December 09, 2022

2 min read
North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns
Vlad CONSTANTINESCU

December 08, 2022

2 min read
Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack
Filip TRUȚĂ

December 08, 2022

2 min read