Phone network Vodafone seems to have suffered a data breach at the hands of the increasignly infamous Lapsus$ group, without even knowing it.
The group recently issued a poll on its Telegram channel, asking their subscribers whose stolen data they should dump next - with three options available: Vodafone, Impresa, and MercadoLibre/MercadoPago.
The latter is an Argentinian ecommerce company, while Impresa is a Portuguese media conglomerate which suffered a major data breach in late 2021.
Vodafone investigating
But Vodafone, which is allegedly leading the poll with more than 50% of the votes, says it wasn’t aware of any hack.
“We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim," a Vodafone spokesperson said, adding, "However, what we can say is that generally the types of repositories referenced in the claim contain proprietary source code and do not contain customer data.”
If Lapsus$ really does come through with the threat, it will leak 200GBs of Vodafone’s source code. We don’t know if any virus or ransomware was used in the attack, or whether or not the company is negotiating with the threat actors.
Lapsus$ has been wreaking havoc across the business world in these last few months. It has already leaked a huge amount of Samsung’s sensitive data, which would, allegedly, place many of its endpoints at risk.
It also leaked a terabyte of data from Nvidia recently, including usernames and passwords of tens of thousands of Nvidia employees. Furthermore, it claims to have used the data to create a tool that circumvents the hash rate limiter placed on the Nvidia RTX 30-series video cards.
The tool, on sale for $1 million, would allow Ethereum miners to use the cards in their full capacity, rather than half of it, as is currently the case.
- Check out the best firewalls right now
Via: CNBC
