The Lapsus$ hacker allegedly broke into Globant SA, a software services company, and stole 70 gigabytes of source code from the company’s customers late Tuesday.
Globant confirmed a breach on Wednesday, claiming that some of its code was accessed without authorization. The firm said in a statement that there was no evidence that other areas of its infrastructure – or those of its customers – were affected. Lapsus$ did not name or identify the person responsible for the breach.
Globant’s stock has dropped about 10% to $248.92 after being informed of the hack.
Lapsus$ posted a screenshot of more than two dozen folders containing what it claimed was customer source code, including from prominent tech companies. The authenticity of the screenshot could not be immediately confirmed, although the company has previously stolen source code or other proprietary data from companies such as Microsoft Corp and Nvidia Corp.
After breaking into one of its employees, the group claimed credit for having breached OktaInc.
With its jubilant antics and high-level access to some of the world’s most popular companies, Lapsus$ has stunned and baffled cybersecurity specialists in equal measure. Microsoft said in the last week that the company employs a variety of methods, including bluffing, trickery, and bribes to steal passwords.
Following the announcement of the Okta breach, British authorities said that seven people – aged 16 to 21 – had been detained at a certain point in the previous year and were later released. It was around that time that Lapsus$ informed its supporters that “a few of our members” were traveling on holiday.
The conduct of the break – nor the arrests – seems to have engulfed the group’s desire for leaks.
“We are officially back from a vacation,” the group said as it announced the Globant breach. List23