"On Jan. 12., BleepingComputer reported that multiple repositories appeared on Gitea, apparently containing parts of internal code and developer documentation belonging to the major retailer Target . As of today, Jan. 13, multiple employees of the retailer have confirmed the leaked materials are authentic. As of current reports, the threat actor behind this incident is unknown. Likewise, it is unclear whether this exposure is due to a leakage, a breach or an insider's action."
"The dataset is approximately 860GB, according to the threat actor. Target has since removed the files from online access, and the organization's Git server was likewise made inaccessible. Target has not responded to any communications from BleepingComputer on the nature of the incident. Why This Matters The incident in question pertains to a loss of source code rather than individuals' data. While both are concerning losses, the theft of source code adds a new layer to the challenges an organization may face down the road."
Multiple repositories containing parts of Target's internal source code and developer documentation appeared on Gitea and were later confirmed authentic by multiple Target employees. The actor responsible remains unknown and investigators cannot yet determine whether the exposure resulted from a leak, breach, or insider action. The threat actor claimed the dataset is approximately 860GB. Target removed the files from online access and made its Git server inaccessible, and has not responded to inquiries about the incident. The exposed materials represent source code and engineering assets rather than customer data, raising risks from exposed architectural details, credentials, and operational logic that could enable deeper or supply-chain attacks.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]