Lapsus$ Hacking Group Claims It Stole 70GB of Data From Apple Health's Partner

Sophie Webster, Tech Times 30 March 2022, 10:03 pm

After being on a short hiatus, the infamous Lapsus$ hacking group is back.

In a post the group shared through their Telegram channel on Mar. 30, the group has claimed that it stole 70GB of data from Globant, an international software development firm headquartered in Luxembourg, which boasts some of the world's massive companies as its clients.

Lapsus$ Stole Data From Globant

Screenshots of the hacked data, which was originally posted by Lapsus$ and shared on Twitter by security researcher Dominic Alvieri appeared to show folders showing the names of a range of global businesses.

Among the businesses were delivery and logistics company DHL, channel C-Span, and French bank BNP Paribas, according to The Verge.

Also on the list were massive tech companies Facebook and Apple, with the latter referred to in a folder titled "apple-health-app."

Also Read: Microsoft Confirms LAPSUS$ Hack After Extortion Group Releases Stolen 37GB Source Code [UPDATE]

The data seems to be the material created for Globant's BeHealthy app, described in a previous press release as software developed in partnership with Apple to track the health behaviors of its employee and using features of the Apple Watch.

Globant acknowledged the hack in a press release on Mar. 30. The company said that according to their current analysis, the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients.

The company also said that to date, they have not found any evidence that the other areas of their infrastructure system and those of their clients were affected.

On Telegram, the hacking group shared a torrent link to the stolen data with a message that says they are officially back from vacation.

If confirmed, the leak would allow the group to return to activity after seven suspected members of the hacking group were arrested by the British authorities last week.

The arrests, first reported on Mar. 24 by BBC News, were carried out by City of London Police after investigating the group for a year. The authorities found out that the ringleader of Lapsus$ is a teenager living with his parents in Oxford, England.

On the other side of the pond, the FBI is also seeking information on Lapsus$ related to the breach of US companies.

The Lapsus$ gang has been prolific in the range and scale of companies it has breached, having previously extracted data from several well-known technology companies, including Samsung, Nvidia, Microsoft, and Vodafone.

Most recently, Lapsus$ was in the spotlight for a hack affecting the authentication platform Okta, which put thousands of organizations and businesses on high alert against subsequent breaches.

The latter hack has been a hit for the company because it is expected to provide security services to other businesses, yet its own system is so vulnerable to attacks.

Sitel's Spreadsheet of Passwords

According to TechCrunch, when the hacking group attacked Sitel back in January, it accessed a spreadsheet on the company's internal network called "DomAdmins-LastPass.xlsx."

The filename suggests that the spreadsheet got passwords for domain administrator accounts that were exported from a Sitel employee's LastPass password manager.

Sitel said that the spreadsheet only listed account names from legacy Sykes but did not contain any passwords, but no evidence was given to support this claim.