A cybercriminal claims to have stolen 20 gigabytes of sensitive data from the French tech and consulting giant, Capgemini – but the company is refusing to comment so far
The hacker, alias “grep”, posted a new thread on the popular dark web forum, BreachForums, in which they detailed their loot, which allegedly included databases, source code, private keys, credentials, API keys, projects, employee data (including names, email addresses, usernames, and password hashes). The archive also contains backups, and Capgemini clients’ internal configuration details for cloud infrastructure.
“They had more data but I decided to exfiltrate only big files, company confidential, Terraform, and many more,” grep wrote in the thread. The crook shared a few samples as well, which included alleged T-Mobile virtual machine logs.
No word from Capgemini yet
If this truly is the case, and the files are confirmed legitimate, then this data breach could hurt Capgemini quite a lot.
However so far the organization is silent, and has yet to confirm, or deny, the hacker’s claims. The company’s website has no statements, and neither do its X or LinkedIn pages. TechRadar Pro has reached out to Capgemini for comment and will update the article if we hear back.
Capgemini provides a range of services including IT consulting, managed services, and software development, helping businesses adopt new technologies to improve efficiency, operarating in over 50 countries and serves clients across various industries, such as finance, healthcare, and manufacturing.
Last year, it generated more than $24 billion in revenue, and this year it won a UK government contract worth up to $750 million. Under the deal, the company will run His Majesty’s Revenue and Customs’ legacy tax management systems until 2029.
Via The Register