A cybercriminal claims to have stolen 20 gigabytes of sensitive data from the French tech and consulting giant, Capgemini - but the company is refusing to comment so far
The hacker, alias “grep”, posted a new thread on the popular dark web forum, BreachForums, in which they detailed their loot, which allegedly included databases, source code, private keys, credentials, API keys, projects, employee data (including names, email addresses, usernames, and password hashes). The archive also contains backups, and Capgemini clients’ internal configuration details for cloud infrastructure.
"They had more data but I decided to exfiltrate only big files, company confidential, Terraform, and many more," grep wrote in the thread. The crook shared a few samples as well, which included alleged T-Mobile virtual machine logs.
However, a T-Mobile US representative confirmed to TechRadar Pro that the data does not belong to that company.
"This is not T-Mobile US," they told us. "From what we can tell, we believe this may be a T-Mobile brand outside of the US."
No word from Capgemini yet
If any of the files are confirmed legitimate, this data breach could hurt Capgemini quite a lot.
However so far the organization is silent, and has yet to confirm, or deny, the hacker’s claims. The company’s website has no statements, and neither do its X or LinkedIn pages. TechRadar Pro has reached out to Capgemini for comment and will update the article if we hear back.
Capgemini provides a range of services including IT consulting, managed services, and software development, helping businesses adopt new technologies to improve efficiency, operarating in over 50 countries and serves clients across various industries, such as finance, healthcare, and manufacturing.
Last year, it generated more than $24 billion in revenue, and this year it won a UK government contract worth up to $750 million. Under the deal, the company will run His Majesty’s Revenue and Customs’ legacy tax management systems until 2029.
Via The Register
Edited on September 18 to include a statement from T-Mobile US.
More from TechRadar Pro
- Teenage hacker arrested over TfL hack — as thousands of customer bank details confirmed stolen
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now