The admission comes after Lapsus$ leaked 70GB of stolen data.
Globant said in a statement on Wednesday that it experienced a network breach. In the statement, the IT and software development firm appeared to confirm claims made by Lapsus$. This is a group that has successfully compromised Microsoft, Nvidia, Okta, and other victims in recent weeks.
“We have recently detected that a limited section of our company’s code repository has been subject to unauthorized access,” Globant said. “We have activated our security protocols and are conducting an exhaustive investigation,” they added.
“According to our current analysis, the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients. To date, we have not found any evidence that other areas of our infrastructure systems or those of our clients were affected.”
The statement ended with assurances. “We are taking strict measures to prevent further incidents,” they said.
Tip: The rapid rise and fall of Lapsus$
A new data extortion group makes a big splash
Lapsus$ is a relative newcomer to the data-extortion scene, according to a report in Ars Technica. While the group’s tactics and procedures lack sophistication, members largely believed to be young and technically immature make up for it with persistence. Gang members were rumored to be among seven individuals arrested last week by London police.
A leak Tuesday on the Lapsus$ Telegram channel included data the group said came from a recent hack on Globant, according to Ars Tecnica. This raises questions about precisely what relationship the suspects, aged 16 to 21, had with Lapsus$. Recently, the FBI sought public assistance in tracking down the group.
The Telegram post included a screenshot of data purportedly taken from Luxembourg-based Globant, which operates in 18 countries and has more than 23,500 employees. Folders for one of the purportedly stolen data caches had names like “apple-health-app,” “Facebook,” “C-SPAN,” and “DHL.”
Another post on the same channel purported to show login credentials, many with weak passwords, for some of the servers Globant used to store the data.