After a week-long silence, the data extortion gang Lapsus$ posted screenshots of stolen data from Globant’s DevOps infrastructure. The gang also shared a torrent file that contains 70 GB of the company’s source code. The company made an official announcement, confirming the incident.
Official update
The FBI started an investigation and asked for information about the notorious gang.
Globant stated that they have detected that a limited section of the company’s code repository has been subject to unauthorized access. The company also stated that security protocols are now activated and the company is conducting an exhaustive investigation.
The analysis showed that the group accessed a certain source code and project-related documentation for a very limited number of clients. Globant claims that the company didn’t have any evidence that other areas of the infrastructure systems were affected. The company also announced that they are taking strict measures to prevent further incidents.
Additionally, the FBI also announced that they are investigating the group and asked for any information about the notorious gang’s members from the public. The group’s Telegram chat suggests that the group is speaking English, Russian, Turkish, German, and Portuguese, which may indicate that the group has contacts all over the world.
Related Story: Members of Lapsus$ are being arrested