It looks like a hacking gang called Lapsus$ has returned after a brief break, as it claimed to have stolen 70GB of data from Globant, a multinational software development corporation based in Luxembourg that has some of the world’s largest companies as clients.
Security researcher Dominic Alvieri uploaded screenshots of the leaked data on Twitter, which claimed to reveal folders with the names of a number of worldwide companies, including shipping and logistics company DHL, American cable network C-Span and French bank BNP Paribas.
Facebook and Apple were also on the list, with the latter being referenced in a folder dubbed “apple-health-app”. It needs to be clarified that the data labeled “apple-health” came from the app developed in collaboration with Apple, not from Apple itself.
The information appears to be test data for Globant’s BeHealthy app, which was touted in a previous press release as software developed in collaboration with Apple to track employee health practices utilizing Apple Watch features.
Globant issued a press release on March 30 acknowledging the attack.
“We have recently detected that a limited section of our company’s code repository has been subject to unauthorized access. We have activated our security protocols and are conducting an exhaustive investigation,” the statement said.
Additionally, the company said: “According to our current analysis, the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients. To date, we have not found any evidence that other areas of our infrastructure systems or those of our clients were affected.”
The hacking group said on Telegram, “We are officially back from a vacation” and shared a torrent link to the allegedly stolen data. If true, the leak would indicate a quick return to action following the arrest of seven suspected Lapsus$ members by British police less than a week ago.
According to the latest reports, on April 1, a 16-year-old and a 17-year-old were charged with a series of cyber-crimes at Highbury Corner minor court in London. They were apprehended as part of a global police investigation into the Lapsus$ gang.
However, it should be noted that the American federal agency FBI has issued a request for information regarding the hacking group’s members. The Lapsus$ gang has been extraordinarily productive in terms of the number and size of firms it has hacked, having previously extracted data from Nvidia, Samsung, Microsoft, and Vodafone, among others.
The group of threat actors was recently in the news for an attack on the authentication platform Okta, which put thousands of firms on high alert for further breaches. The latter intrusion has been a source of embarrassment for Okta, which provides security services to other organizations, and has led to criticism of the company’s late disclosure.
Read all the Latest Auto News and Breaking News here
Comments
0 comment