Lapsus$ claims to have hacked AstraZeneca and stolen roughly 3GB of sensitive enterprise data, including credentials, internal code repositories, and employee information. If verified, the leaked assets posted on the groupβs Tor site could impact employees, partners, intellectual property, and the supply chain. #Lapsus$ #AstraZeneca
Keypoints
- Lapsus$ asserts it exfiltrated approximately 3GB of data from AstraZeneca.
- Claimed stolen items include credentials, tokens, employee data, and GitHub Enterprise account details.
- The leak allegedly contains Java application code such as controllers, repositories, services, and Spring Boot resources.
- Project paths and packages point to exposed development assets and cloud infrastructure information for AWS, Azure, and Terraform.
- The group added AstraZeneca to its Tor leak site for sale, while the company has not publicly confirmed the incident.
Read More: https://www.securityweek.com/extortion-group-claims-it-hacked-astrazeneca/