Lapsus$ Group was on a bit of break, but they are back with claims to have stolen over 70GB of data from a software development consultancy firm, Globant, who had also worked with big companies like Apple.
Lapsus$ has made its name after breached data from tech giant Microsoft, Nvidia, Samsung, Ubisoft, Okta, and now Globant is also part of the victims’ list. Lately, UK police have also arrested seven hackers connected with the Lapsus$ group.
Globant admitted the hack in a press release on the same day when the Lapsus$ group shared screenshots of the hacked data on their Telegram Channel.
Globant Officially Confirmed Data Breach
Globant worked for companies like Google, Electronic Arts, and Apple, and the company is also a member of the Cybersecurity Tech Accord. Still, Globant’s official statement mentioned ‘they not found any evidence that other areas of our infrastructure systems or those of our clients were affected.’
Besides, Globant confirmed to TechCrunch that it has “detected that a limited section of our company’s code repository has been subject to unauthorized access and is conducting an investigation.”
Lapsus$ shared a torrent link on their Telegram channel of the allegedly stolen data with a message announcing, “We are officially back from a vacation.”
Security Researcher Dominic Alvieri posted Lapsus$’s stolen files screenshot on Twitter. This screenshot shows a list of folders where some big names were also titled, like Facebook and Apple.
— Dominic Alvieri (@AlvieriD) March 30, 2022
There is a folder titled “apple-health-app.” According to The Verge, Its data refers to development material for Globant’s BeHealthy app, explained in an earlier press release as software developed in partnership with Apple to track employee health behaviors using features of the Apple Watch.
Currently, there is no comment or statement by the clients of Globant, but a lot of Cybercrime Investigators and the FBI of the United States are also investigating the Lapsus$ offenses.