Skip to content

Lapsus$ strikes again; leaks 70GB data of Globant

  • by
  • 2 min read

A few days after declaring that they’re going on a vacation, the Lapsus$ hacking group has now resurfaced with a new victim. The group hacked software consultancy firm Globant and has released a 70GB torrent containing source code from some of Globant’s customers. 

The leaked data contains a large amount of Github source code, along with multiple repositories containing sensitive information such as TLS certificate private keys and chains, Azure keys and API keys for third-party services and over 3000 customer documents, as the group claimed in its Telegram message.

The company has confirmed the breach in a press release published Wednesday, stating that they’ve detected a “limited section” of its code repository being subject to unauthorised access. The company maintains that the information access was limited to certain source-code and project-related documentation for a “very limited number of clients”. 

In the News: Ronin Network exploited for 173,600 ETH and 25.5M USDC

Back from the vacation

Before publishing the torrent file, the group posted screenshots of a file directory containing names of supposed Globant clients, including big names like Facebook, Citibank and DHL. Additionally, the group also leaked admin credentials for all of Globant’s DevOps platforms to expose poor security practices at the company. 

Lapsus$ strikes again; leaks 70GB data of Globant
The message on the Lapsus$ Telegram channel with Globant links and admin credentials.

The links and credentials posted by the group in its Telegram message aren’t active in writing. These links belonged to various platforms used by Globant for developing, reviewing and collaborating on customer code and included Jira, Confluence, GitHub and Crucible links. 

The U.K police had arrested seven people over suspected connections to the group on March 24 after reports emerged that a teenager might be behind the hacking and extortion group. Lapsus$ claims that no gang members were arrested and even circulated a message on its Telegram channel claiming people are impersonating “Lapsus$ staff”. 

In the News: Ukraine Refugee Crisis: 15 ways to support and get help

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>