© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Globant confirms a hack after Lapsus$ stole 70 GB of company data

IT and software development company Globant has confirmed a hack after the Lapsus$ extortion group shared 70 GB of data allegedly stolen from the company.

Lapsus$ hasn't been quiet for long – less than a week after the City of London police made arrests of alleged Lapsus$ members, and the group returned by sharing a 70 GB torrent, consisting of what it claimed to be a ''leak of some customers' source code from Globant.com".

Lapsus message

The screenshot of an archive shared by Lapsus$ contains folders on BNP Paribas, DHL, Abbott, Facebook, Fortune, etc.

Globant folders

Later on, the extortion group also published a set of administrator credentials, giving access to different platforms that Globant uses, including Crucible, Jira, Confluence, and Github.

Lapsus$ admin

Globant, which has 25,000 employees, is present in 18 countries and boasts about working with clients, such as Google, Rockwell Automation, Electronic Arts, and Santander, acknowledged the hack in a brief statement.

"​​We have recently detected that a limited section of our company's code repository has been subject to unauthorized access. We have activated our security protocols and are conducting an exhaustive investigation," the company said.

Globant assured it is taking ''strict measures to prevent further incidents.''

"According to our current analysis, the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients. To date, we have not found any evidence that other areas of our infrastructure systems or those of our clients were affected," it said.

Recently, Lapsus$ went after Ubisoft, Okta, Nvidia, Samsung, and Microsoft, now adding Globant to its victim list.

Microsoft, which acknowledged the extortion group managed to compromise a Microsoft employee account, said that Lapsus$ is not like any other threat actor. Unlike most activity groups that stay under the radar, Lapsus$ doesn’t seem to cover its tracks and uses public relations to bolster its claims.

More from Cybernews:

Russian aviation authority switches to paper after losing 65TB of data

Russia's cybercriminals fear sanctions will erase their wealth

Data shows the growth in cloud-based security breaches

FBI reveals Russian hackers were found scanning US energy networks

Ronin robbed of $625m in digital funds

The White House seeks $10.9 billion in cybersecurity funding

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked