Globant Apparently Hacked by Lapsus Gang -- Redmondmag.com

Globant Apparently Hacked by Lapsus Gang

By Kurt Mackie
03/30/2022

Software development and IT services company Globant appears to have confirmed getting hacked, and it likely was done by the Lapsus$ criminal gang.

The Luxembourg-based company, with offices in 18 countries worldwide, didn't mention Lapsus$ in its Wednesday announcement. It just stated that there had been "unauthorized access" to "a limited section of company's code repository," which was associated with "a very limited number of clients." The clients weren't named, but Globant didn't find "any evidence that other areas of our infrastructure systems or those of our clients were affected."

It's not clear from the announcement if Globant is informing its potentially affected customers of the breach.

The notion that Globant was hacked by Lapsus$ comes from Twitter posts like this one from vx-underground, which claims to be a group that collects malware source code. The post stated that "Lapsus$ has leaked 70GB of material from Globant." It provided a screenshot showing folders for presumed Globant client companies. The folders have names like Abbott, apple-health-app, C-Span, DHL, Facebook and Globant itself, among others.

The vx-underground post also claimed that Globant's system admin passwords used with Atlassian's Confluence workspace software were exposed by Lapsus$.

Lapsus$ has recently made the news for hacking companies such as Microsoft, Nvidia, Okta, Samsung and Ubisoft, among others. The group seeks money to prevent its exposure of stolen company data. Its purported ringleader, said to be a 16-year-old teenager living in Oxford, U.K., was recently arrested, including six others, but they were later released.

Microsoft recently updated its hunting tools available for detecting Lapsus$ activities. Microsoft calls the group "DEV-0537."

The U.S. Federal Bureau of Investigation recently asked for public assistance in identifying the Lapsus$ members. Its appeal comes in this March 21 "Seeking Information" announcement.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

Multi-Tenant Organization Hooks Released for Microsoft 365

Microsoft Entra ID's new multi-tenant organization capabilities have reached general availability (GA).
Real-World Ransomware Recovery

Here's how I was (mostly) successful in recovering a family PC infected with malware.
Microsoft Launches Small AI Models Family Phi-3

Recognizing that bigger isn't always better, Microsoft has released its smallest open AI models to date, Phi-3.
Microsoft and OpenAI Continue Global AI Expansions

Microsoft and OpenAI each continued their global expansion this month, with the announcements of new infrastructure investments and service rollouts in new regions, like Asia and the Middle East.
Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.