Phone network Vodafone (opens in new tab) seems to have suffered a data breach at the hands of the increasignly infamous Lapsus$ group, without even knowing it.
The group recently issued a poll on its Telegram channel, asking their subscribers whose stolen data they should dump next - with three options available: Vodafone, Impresa, and MercadoLibre/MercadoPago.
The latter is an Argentinian ecommerce company, while Impresa is a Portuguese media conglomerate which suffered a major data breach in late 2021.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
>> Click here to start the survey in a new window (opens in new tab) <<
But Vodafone, which is allegedly leading the poll with more than 50% of the votes, says it wasn’t aware of any hack.
“We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim," a Vodafone spokesperson said, adding, "However, what we can say is that generally the types of repositories referenced in the claim contain proprietary source code and do not contain customer data.”
If Lapsus$ really does come through with the threat, it will leak 200GBs of Vodafone’s source code. We don’t know if any virus or ransomware was used in the attack, or whether or not the company is negotiating with the threat actors.
> Samsung confirms cyberattack, says internal data leaked (opens in new tab)
> Hackers threaten to turn every Nvidia GPU into a Bitcoin mining machine (opens in new tab)
> Stolen Nvidia code signing certificates used to sign off malware (opens in new tab)
Lapsus$ has been wreaking havoc across the business world in these last few months. It has already leaked a huge amount of Samsung’s sensitive data, which would, allegedly, place many of its endpoints (opens in new tab) at risk.
It also leaked a terabyte of data from Nvidia (opens in new tab) recently, including usernames and passwords of tens of thousands of Nvidia employees. Furthermore, it claims to have used the data to create a tool that circumvents the hash rate limiter placed on the Nvidia RTX 30-series video cards.
The tool, on sale for $1 million, would allow Ethereum miners to use the cards in their full capacity, rather than half of it, as is currently the case.
- Check out the best firewalls (opens in new tab) right now
Via: CNBC (opens in new tab)