- Unknown hackers claim to be selling 860GB of Target internal source code and documentation
- Data allegedly includes wallet services, identity tools, gift card systems, and developer metadata
- Target locked down servers and removed repositories; breach authenticity still unverified
Hackers are apparently selling internal source code stolen from American retail giant Target.
A previously unknown threat actor posted in an underground hacking community to claim they were selling Target’s data, and that this was the first of many datasets to go on auction.
To support their claim, the poster created multiple repositories on Gitea, a self-hosted Git platform, and uploaded a small sample of the data.
Data for sale
The repositories, totaling around 860 GB in size, appeared to contain internal Target source code, configuration files, and developer documentation, while repository names were referencing internal systems such as wallet services, identity management, store networking tools, secrets documentation, and gift card systems.
Each repository included a SALE.MD file listing tens of thousands of files and directories allegedly included in the full dataset. The index exceeded 57,000 lines and advertised a total archive size of roughly 860 GB.
Furthermore, commit metadata and documentation inside the repositories referenced internal Target development servers, internal URLs such as confluence.target.com, and named current Target lead and senior engineers.
Soon after news broke, BleepingComputer notified Target about the incident, and quickly after that - the Gitea repositories were taken offline. Around the same time, Target’s internal Git server (which was accessible from the internet) was locked down.
BleepingComputer also said search engines previously indexed and cached some content from git.target.com, hinting that some of the stolen data may have been publicly accessible at some point. However, it was unable to determine when, or under what configuration.
At this moment, the authenticity of the criminals’ claims cannot be verified, and Target is yet to comment, but since the company obviously moved to take down the Gitea repositories, it is safe to assume that the breach is quite serious.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
