Software company Globant has been hit by a data breach. Source code and project documentation intended for customers, among other things, have been stolen. The attack appears to be the work of the cybercrime gang Lapsus$.
In a post on Telegram, Lapsus$ itself shares information about the attack. The group claims, among other things, to have had access to about three thousand spaces with customer documents. Lapsus$ also distributed credentials for various Globant DevOps platforms via Telegram.
“We recently determined that a restricted section of our company’s code repository was subject to unauthorized access. As a result, our security protocols were activated, and an extensive investigation was launched,” Globant said.
The leaked information appears to be limited to certain source code and project documentation for a very small number of customers. At this time, we have no indication that other parts of our infrastructure systems or those of our customers have been affected.”
Also read: Seven people arrested in connection with hacks Lapsus$ cybergang
Lapsus$ has been in the news a lot lately. The group has previously been linked to attacks on Microsoft, Samsung, and Nvidia. In addition, several alleged group members were arrested in London last week.