A reported target hack involving stolen source code has drawn attention after cybercriminals claimed that they have stolen data linked to the US retailer. The incident surfaced when a previously unknown threat actor posted on an underground forum. It is offering what is described as “Sensitive development files” for sale. Some sample data was also published to support the claim.
Target hack source code claims emerge online
The threat actor announced the sale of stolen data on an underground hacking forum. It also stated that only the first dataset is released. To back the claim, the individual uploaded sample files to several repositories hosted on Gitea, a self-hosted Git service. The repositories were made public for a limited time, only to show that the files are “real”. It was, however, taken down shortly.
The uploaded repositories appeared to contain internal Target source code, configuration data, and developer documentation. File and folders name reveals stuff like digital wallets, identity services, store networking tools, secrets management, and gift card platforms. Each repository included a SALE.MD file listing tens of thousands of files allegedly included in the full archive. The hacker claims the total dataset to be around 860 gigabytes.
The incident raises serious questions about corporate data safety measures
Security researchers have warned that even a little bit of exposure to the data could help attackers understand internal systems and plan further attacks. This could make the situation even more serious, that too without involving any customer data. Though the repositories were quickly taken offline and the target was notified as soon as it was discovered. Access to an internal Git server connected to Target was further restricted.
According to reports from BleepingComputer, some related pages had previously been indexed by search engines. This indicates that the data may have been exposed publicly at some point due to configuration issues. At this stage, the authenticity of the hackers’ claims has not been independently confirmed, and Target has not issued a public statement. However, the company acted quickly and took down the Git repositories.
The post Target Hack Claims Surface as Source Code Allegedly Listed for Sale Online appeared first on Android Headlines.
