After a week-long silence, data extortion gang, Lapsus$ wrote “We are officially back from a vacation” on their Telegram channel. The gang posted screenshots of extracted data and credentials that belong to Globant’s DevOps infrastructure. A folder shown in the screenshots includes folders with other companies’ names, including Arcserve, Banco Galicia, BNP Paribas Cardif, Citibanamex, DHL, Facebook, Stifel, and more.
Despite a series of arrests from UK authorities LAPSUS$ extortion group continues operations.
LAPSUS$ has leaked 70GB of material from @Globant, a large software development company based in Luxembourg
Intel and photos courtesy of @AlvieriD pic.twitter.com/We9Jcm57iE
— vx-underground (@vxunderground) March 30, 2022
70 GB of source code
The gang also shared a torrent file that contains 70 GB of the company’s source code, passwords related to the company’s Atlassian suite, which includes Confluence and Jira, and the Crucible code review tool. Experts who have analyzed the data stated that the files seemed legitimate. The company didn’t make any official comment about the situation yet.