Telecommunications company Vodafone has initiated an investigation into a possible data leak after the statements of the Lapsus$ cybercriminal group about the theft of about 200 GB of source code files equivalent to 5 thousand repositories on GitHub.
“We are studying these statements together with law enforcement agencies and cannot comment on their authenticity at the moment. However, we can say that, as a rule, the types of repositories in question contain proprietary source code and do not contain customer data,” company representatives told SecurityWeek.
So far, the hackers have not published any of the stolen files, according to them. Instead, they asked tens of thousands of users to subscribe to their Telegram channel and vote on whose data should be published, Vodafone, Impresa or Mercado Libre. The voting will last until March 13.
The attack on the Portuguese media group Impresa caused serious disruptions, and the e-commerce giant Mercado Libre recently confirmed to the US Securities and Exchange Commission (SEC) that the data of 300 thousand users was compromised as a result of a cyber incident.
Last month, Vodafone Portugal reported service disruptions due to a “malicious cyberattack,” but whether this incident is related to the Lapsus$ statements is still unclear.
Recently, the Lapsus$ group also announced the theft of the source code from NVIDIA and Samsung. NVIDIA confirmed that the attackers stole employee credentials and digital certificates for code signing.
Samsung, from which hackers allegedly stole 190 GB of data, also confirmed the theft of the source code related to Galaxy devices.
The attackers demand a ransom from the affected companies in exchange for not publishing the information stolen from them. In the case of NVIDIA, they also demanded to open the source code of drivers for video cards and remove the hashrate restriction that prevents mining Ethereum.
Lapsus$ attacks are carried out without the use of extortionate software.