Back From Vacation, Lapsus$ Teen Hacker Gang Breaks Into Globant SA To Steal Customer's Source Code

The Lapsus$ teen hacker gang is at it again. (photo: doc. pixabay)

JAKARTA – The youth-controlled hacking gang, Lapsus$, late Tuesday, March 29, claimed that they had broken into software services company Globant SA and stolen 70 gigabytes of source code from the company's customers.

Globant itself confirmed the breach on Wednesday, March 30. They say that some have had their code accessed without permission. The company also said in a report that it found no evidence that other areas of its infrastructure - or its clients' - were affected. Globant did not name Lapsus$ or identify who was responsible for the breach.

On its Telegram channel, Lapsus$ posted screenshots of more than two dozen folders containing what it said was customer source code, including from well-known tech companies. The authenticity of the screenshots couldn't be immediately confirmed, but the group has previously stolen source code or other proprietary data from technology heavyweights including Microsoft Corp and Nvidia Corp.

Reported by Reuters, Lapsus$ has shocked and confused cybersecurity experts in equal measure with its combination of juvenile antics and high-level access to some of the world's largest companies. According to Microsoft, the group uses a variety of methods, including bluffing, cheating, and bribing to steal passwords.

Following news of Okta's offense, British authorities announced that seven people - aged 16 to 21 - had been arrested at some unspecified point and subsequently released.

Authorities provided few other details but that was when Lapsus$ told its fans "some of our members" were going on vacation. Neither the termination nor the arrests appeared to curb the group's appetite to divulge.

"We're officially back from vacation," the group said when announcing the breach on Globant.