After a short “vacation,” the Lapsus$ hacking gang is back — and both Facebook and Apple may be on its target list.
In a post shared through the group’s Telegram channel on Wednesday, Lapsus$ claimed to have stolen 70GB of data from Globant — an international software development firm headquartered in Luxembourg, which boasts some of the world’s largest companies as clients.
Screenshots of the hacked data, originally posted by Lapsus$ and shared on Twitter by security researcher Dominic Alvieri, appeared to show folders bearing the names of a range of global businesses: among them were delivery and logistics company DHL, US cable network C-Span, and French bank BNP Paribas.
Also in the list were tech giants Facebook and Apple, with the latter referred to in a folder titled “apple-health-app.” The Verge could not immediately verify whether the folders contained source code belonging to the two companies, and neither had responded to a request for comment at time of publication. However, a previous press release posted by Globant lists a project developed in partnership with Apple to build an app that companies can use to track employees’ health behaviors using features of the Apple Watch.
Globant had not responded to a request for comment at time of publication.
Facebook, DHL, BNPParibas, Abbott…
Lapsus$ making a statement post which needs to be verified.@campuscodi @vxunderground #cybersecurity #infosec #Lapsus https://t.co/FNPzz10vTt pic.twitter.com/lBQ1oN37hL
— Dominic Alvieri (@AlvieriD) March 30, 2022
On Telegram, Lapsus$ shared a torrent link to the allegedly stolen data with a message announcing, “We are officially back from a vacation.”
If confirmed, the leak would show a swift return to activity after seven suspected members of Lapsus$ were arrested by British police less than a week ago.
The arrests, first reported on March 24th by BBC News, were carried out by City of London Police after a yearlong investigation into the alleged ringleader of the gang, who is believed to be a teenager living with his parents in Oxford. On the other side of the Atlantic, the FBI is also seeking information on Lapsus$ related to the breach of US companies.
The Lapsus$ gang has been remarkably prolific in the range and scale of companies it has breached, having previously extracted data from a number of well-known technology companies, including Nvidia, Samsung, Microsoft, and Vodafone.
Most recently, Lapsus$ was in the spotlight for a hack affecting the authentication platform Okta, which put thousands of businesses on high alert against subsequent breaches. The latter hack has been an embarrassment for a company that provides security services to other businesses and led to criticism of Okta for a slow disclosure.
