The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked roughly 70 Gb of stolen data. The gang claims that the company has implemented poor security practices that allowed them to hack their infrastructure.
“For anyone who is interested about the poor security practices in use at Globant.com. i will expose the admin credentials for ALL there devops platforms below.” reads the message published on the Telegram Channel of the group.
According to the gang, the stolen data includes customer source code and published a list of credentials to access source code sharing platforms used by the company, including GitHub, Jira, Crucible and Confluence.
The hack of Globant comes a few days the City of London Police announced to have arrested seven teenagers suspected of being members of the notorious Lapsus$ extortion gang, which is believed to be based in South America. UK police suspect that a 16-year-old from Oxford is one of the leaders of the popular Lapsus$ extortion group.
(SecurityAffairs – hacking, Lapsus$)