Globant Apparently Hacked by Lapsus Gang
Software development and IT services company Globant appears to have confirmed getting hacked, and it likely was done by the Lapsus$ criminal gang.
The Luxembourg-based company, with offices in 18 countries worldwide, didn't mention Lapsus$ in its Wednesday announcement. It just stated that there had been "unauthorized access" to "a limited section of company's code repository," which was associated with "a very limited number of clients." The clients weren't named, but Globant didn't find "any evidence that other areas of our infrastructure systems or those of our clients were affected."
It's not clear from the announcement if Globant is informing its potentially affected customers of the breach.
The notion that Globant was hacked by Lapsus$ comes from Twitter posts like this one from vx-underground, which claims to be a group that collects malware source code. The post stated that "Lapsus$ has leaked 70GB of material from Globant." It provided a screenshot showing folders for presumed Globant client companies. The folders have names like Abbott, apple-health-app, C-Span, DHL, Facebook and Globant itself, among others.
The vx-underground post also claimed that Globant's system admin passwords used with Atlassian's Confluence workspace software were exposed by Lapsus$.
Lapsus$ has recently made the news for hacking companies such as Microsoft, Nvidia, Okta, Samsung and Ubisoft, among others. The group seeks money to prevent its exposure of stolen company data. Its purported ringleader, said to be a 16-year-old teenager living in Oxford, U.K., was recently arrested, including six others, but they were later released.
Microsoft recently updated its hunting tools available for detecting Lapsus$ activities. Microsoft calls the group "DEV-0537."
The U.S. Federal Bureau of Investigation recently asked for public assistance in identifying the Lapsus$ members. Its appeal comes in this March 21 "Seeking Information" announcement.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.