Lapsus$ hackers are “back from vacation” as Globant hit

Globant customers include some of the world’s largest firms

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The Lapsus$ hacking group appears to have struck again, with the latest victim is Globant - a software development company from Luxembourg.

The group has said it is “back from vacation”, and posted a 70GB torrent file on its Telegram channel, claiming the dump contains Globant’s customer source code, among other items.

The company’s customers includeGoogle, LinkedIn, EA, and Coca-Cola, among others. EA has had itsendpointsbreached last year, by one member of Lapsus$, but at the moment, it’s impossible to know if the two breaches have anything in common. Lapsus$ has also published a screenshot of a folder, showcasing a number of alleged Globant customers - Facebook, Citibank, C-Span.

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.

Click here to start the survey in a new window«

“Very sensitive information”

Besides source codes, the group also published a list of company passwords which these firms used to access source code sharing platforms such as GitHub, Jira, Crucible, or Confluence.

The leak also contains multiple repositories with “very sensitive information” - including TLS certificate private keys and chains, Azure keys and API keys for third-party services, 7,000 candidate resumes, more than 150 databases and a “large number” ofprivate keysfor various services, researchers confirmed.

In a statement given toTechCrunch, Globant confirmed being breached, saying it detected a “limited section” of its company code repository being subject to unauthorized access. An investigation is currently ongoing, it added.

There’s been another development in the Lapsus$ saga>This British teenager is apparently the mastermind behind Lapsus$>Everything we know about Lapsus$ and Okta so far

Some cybersecurity researchers seem to think the dump is legitimate. Commenting on the breach for the same publication, SOS Intelligence CEO, Amir Hadzipasic, said “the leak is legitimate and very significant, as far as Globant and Globant impacted customers are concerned.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Lapsus$ has become one of the most notorious names over the first few months of 2022, having reportedly breached a number of major tech companies, includingNvidia,Samsung,LG,Microsoft, and Okta.

Law enforcement agencies seem to believe the group is run by a teenager living in the UK with his mother, and some alleged Lapsus$ members were recently arrested by police in the country.

Via:TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

Don’t wait until Black Friday, this year’s best Nintendo Switch bundles are on sale now