"Lapsus$ claims to have exfiltrated Java-based application code such as 'controllers, repositories, services, schedulers, configuration files, and Spring Boot resources,' cybersecurity firm SocRadar reports."
"In practical terms, that suggests the alleged breach may touch internal business operations, supply chain workflows, and system administration data, not just developer artifacts."
"Should the hacking group's claims be verified, the blast radius from the incident could be broad, as it may impact employees, partners, intellectual property, and the supply chain."
Lapsus$ extorted AstraZeneca, claiming to have stolen around 3GB of sensitive data. The breach includes credentials, internal code repositories, and employee data. The hackers exfiltrated Java-based application code, project paths, and cloud infrastructure information. They also claimed to have taken GitHub Enterprise user information and corporate email addresses. The breach may affect internal operations and supply chain workflows. AstraZeneca has not confirmed the incident, and the potential impact could be significant for employees and partners.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]