The ransomware group LAPSUS$, now well-known as the hackers responsible for the recent Okta breach, has returned from what they refer to as a “vacation,” this time with a leak impacting Globant, a large software company based in Luxembourg.
The group, who, according to media reports is largely comprised of teens in the United Kingdom, broadcast the announcement to the 50,000 members of their Telegram channel. Known for stealing data from large organizations then and threatening to publish it if ransom demands are not met, the group leaked 70GB of material from Globant that consisted of extracted data and credentials from the company’s DevOps infrastructure. Some of the stolen data includes administrator passwords found in the firm’s Atlassian suite, including Confluence and Jira, and the Crucible code review tool.