[BreachExchange] Vodafone investigating claims it was hacked by same group that hit Nvidia and Samsung
Terrell Byrd
terrell.byrd at riskbasedsecurity.com
Thu Mar 10 14:21:29 EST 2022
https://www.techspot.com/news/93726-vodafone-investigating-claims-hacked-same-group-hit-nvidia.html
In a nutshell: It appears that the South American group behind the Nvidia
and Samsung hacks could have been responsible for another attack, and the
victim didn’t even know about it. Vodafone is investigating claims by
Lapsus$ that it stole source code from the telecoms giant, and it could be
about to dump 200GB of the pilfered data.
Lapsus$ posted a poll on its Telegram channel earlier this week asking,
“What should we leak next?” There are three options: Vodafone, Impresa, and
MercadoLibre/MercadoPago.
CNBC reports that 56% of the vote had been to dump 200GB of Vodafone source
code. The poll ends on March 13, so it looks as if the UK firm will be
chosen.
A spokesperson told CNBC: “We are investigating the claim together with law
enforcement, and at this point we cannot comment on the credibility of the
claim. However, what we can say is that generally the types of repositories
referenced in the claim contain proprietary source code and do not contain
customer data.”
Argentinian eCommerce company MercadoLibre/MercadoPago and Portuguese media
conglomerate Impresa, which suffered a data breach late last year, didn’t
respond to requests for comment.
Lapsus$ has been on the rampage over the last few weeks. It recently leaked
1TB of stolen data from Nvidia that exposed over 70,000 employee account
login credentials. The group also claims to have used the stolen info to
create a tool that can bypass Nvidia’s Lite Hash Rate limiter without
flashing or updating the firmware on a graphics card. It had been offering
the tool to potential buyers for $1 million.
The hackers then claimed an attack that leaked 190GB of confidential
information from Samsung, including encryption data and source code for the
company’s most recent devices. The leak also purportedly contained
algorithms for biometric unlock operations and source code for Samsung
Accounts, a login service associated with Samsung's mobile devices.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220310/598d9173/attachment.html>
More information about the BreachExchange
mailing list