International IT and software development firm Globant has confirmed that an increasingly-notorious cybercrime gang breached its network and stole intellectual property and passwords.
Earlier this week the LAPSUS$ group returned from what it called a “vacation” (it was unclear whether or not their temporary online disappearance was related to a series of arrests British police had made) with a screenshot on its Telegram group of what appeared to be 73GB of data stolen from Globant.
Some of the folders in the screenshot appeared to be related to source code for the likes of Facebook, C-Span, Fortune, DHL, and BNP Paribas.
A subsequent press release issued by Globant confirmed that “a limited section of our company’s code repository has been subject to unauthorized access.”
In the terse press release, the firm went on to say that “to date” it had not found any evidence that other areas of its infrastructure or those of its clients had been affected.
LAPSUS$ however was being rather more voluble in its communications, using its Telegram group to share a link to the data in the form of a downloadable torrent file.
In addition, the hacking group described Globant’s security practices as “poor,” sharing a number of the company’s admin passwords (redacted in the screenshot below).
Researchers who have examined the leaked data have expressed concern that the code contains a large number of private keys that could be exploited in future attacks.
The LAPSUS$ group, which is thought to consist largely of computer-savvy teenagers, has become notorious for a wave of attacks that have impacted large tech firms including Microsoft, NVIDIA, Ubisoft, Samsung, and Okta.
Clearly, the group’s actions have caught the attention of law enforcement agencies with the recent arrests in the UK coinciding with a request from the FBI for the public to help identify members of the group.