AstraZeneca Hacking Incident Exposed by Extortion Group

Post Views: 9

A Notorious Extortion Group Boasts About Stealing Sensitive Data from Pharmaceutical Giant AstraZeneca

Last week, the notorious extortion group Lapsus$ claimed to have hacked into the systems of pharmaceutical giant AstraZeneca, exfiltrating around 3 gigabytes of sensitive data.

According to cybersecurity firm SocRadar, the hackers stole a wide range of sensitive enterprise data, including employee information, internal code repositories, and project paths associated with internal development assets.

Compromised Data Includes:

Java-based application code, such as controllers, repositories, services, and configuration files
Internal code repositories and employee data
Credentials and other secrets, including GitHub Enterprise-related user information and corporate addresses
Large numbers of SQL scripts, table definitions, views, and inventory or order-management components

The file tree also suggests that the alleged breach may touch internal business operations, supply chain workflows, and system administration data.

Lapsus$ has added AstraZeneca to its Tor-based leak site, offering the allegedly stolen information for sale. However, the group has not set a price for the data.

If the hacking group’s claims are verified, the blast radius from the incident could be broad, impacting employees, partners, intellectual property, and the supply chain.

Some voices suggest that the AstraZeneca hack could be linked to a recent supply chain attack that affected Aqua’s Trivy vulnerability scanner, but security researchers are skeptical, citing circumstantial evidence.

Security experts are urging caution and emphasizing the importance of verifying the authenticity of the claims before drawing conclusions. As the situation continues to unfold, it remains to be seen whether the allegations against Lapsus$ will prove to be accurate.