LAPSUS$ hacks Globant. 70GB of data leaked from IT firm
International IT and software development firm Globant has confirmed that an increasingly-notorious cybercrime gang breached its network and stole intellectual property and passwords.
Earlier this week the LAPSUS$ group returned from what it called a "vacation" (it was unclear whether or not their temporary online disappearance was related to a series of arrests British police had made) with a screenshot on its Telegram group of what appeared to be 73GB of data stolen from Globant.
Some of the folders in the screenshot appeared to be related to source code for the likes of Facebook, C-Span, Fortune, DHL, and BNP Paribas.
A subsequent press release issued by Globant confirmed that "a limited section of our company's code repository has been subject to unauthorized access."
In the terse press release, the firm went on to say that "to date" it had not found any evidence that other areas of its infrastructure or those of its clients had been affected.
LAPSUS$ however was being rather more voluble in its communications, using its Telegram group to share a link to the data in the form of a downloadable torrent file.
In addition, the hacking group described Globant's security practices as "poor," sharing a number of the company's admin passwords (redacted in the screenshot below).
Researchers who have examined the leaked data have expressed concern that the code contains a large number of private keys that could be exploited in future attacks.
The LAPSUS$ group, which is thought to consist largely of computer-savvy teenagers, has become notorious for a wave of attacks that have impacted large tech firms including Microsoft, NVIDIA, Ubisoft, Samsung, and Okta.
Clearly, the group's actions have caught the attention of law enforcement agencies with the recent arrests in the UK coinciding with a request from the FBI for the public to help identify members of the group.
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
Cyber Tips for a Spook-Free Halloween
October 26, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022