Threat Actor: grep | grep
Victim: Capgemini | Capgemini
Price: Not disclosed
Exfiltrated Data Type: Sensitive company data, including databases, source codes, private keys, credentials, API keys, and employee information
Key Points :
- The breach occurred in September 2024, exposing 20 gigabytes of sensitive data.
- Data included confidential company documents, threat reports, and logs of T-Mobile’s virtual machines.
- The threat actor claimed to have accessed more data but chose to exfiltrate only the largest and most sensitive files.
- Capgemini is a leading global IT and consulting firm with nearly $30 billion in revenue.
- Samples of the stolen data were provided by the threat actor in their announcement.
A threat actor, operating under the alias “grep”, has claimed responsibility for a significant data breach targeting French multinational IT services giant, Capgemini. The alleged breach, announced in a dark web post, reportedly exposed 20 gigabytes of sensitive data, including company databases, source codes, private keys, credentials, API keys, and employee information.
The breach, which is said to have occurred in September 2024, allegedly compromised confidential company documents, threat reports, and even logs of T-Mobile’s virtual machines. The threat actor stated that while more data was accessible, they chose to exfiltrate only the largest and most sensitive files, including project files, Terraform data, and other confidential materials.
Capgemini, a leading global IT and consulting firm founded in 1967, has built a reputation as a key partner in digital transformation, with nearly $30 billion in revenue and a strong following of nearly seven million professionals on LinkedIn.
Samples of the stolen data were provided by the threat actor.
The post Threat Actor Allegedly Breached Capgemini appeared first on Daily Dark Web.