Vodafone Investigates Hacker Threat To Release Source Code

Vodafone is reportedly working with law enforcement to investigate hacking claims made by Brazilian-based hacking group Lapsus$.

Lapsus$ it should be remembered claimed responsibility last week for the data breach of South Korean electronics giant Samsung, which resulted in the theft of 190GB of data.

Then on Monday Samsung confirmed the data breach, and said the stolen data “involves some source codes relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees.”

Samsung compromise

Now Lapsus$ is claiming that it has 200GB worth of Vodafone source code, and according to CNBC, on Monday it asked its subscribers in a poll on the messaging app Telegram: “What should we leak next?” followed by three options.

The first option touted by Lapsus$ is to release around 200GB worth of Vodafone source code. The poll ends on 13 March, CNBC reported.

The other two options are the source code and databases of Portuguese media corporation Impresa and the source code for MercadoLibre and MercadoPago, both Argentinian e-commerce companies.

At the time of publication, Vodafone had 56 percent of the vote.

It is not immediately clear at the time of writing if Lapsus$ obtained any of the Vodafone source code data in the Samsung data breach, or whether it attacked Vodafone separately.

A Vodafone spokesperson meanwhile told CNBC the company is aware of the claims being made by Lapsus$.

“We are investigating the claim together with law enforcement, and at this point we cannot comment on the credibility of the claim,” the spokesperson is quoted as saying.

“However, what we can say is that generally the types of repositories referenced in the claim contain proprietary source code and do not contain customer data.”

MercardoLibre and MercadoPago, did not respond to CNBC’s request for comment.

Impresa’s websites were down and no contact information was available to reach out to the company.

Previous attacks

It comes after Lapsus$ last month hacked GPU powerhouse Nvidia.

The hackers then released a 20GB document archive of 1TB of data stolen from the GPU designer.

Nvidia confirmed that a cyber attacker had leaked employee credentials and some company proprietary information online after their systems were breached.

Vodafone meanwhile has been compromised, before this latest reported attack.

In February, Vodafone’s Portuguese unit was hit with a cyberattack that disrupted its services.

Vodafone said at the time that customers’ personal data had not been compromised.

But that attack was so serious that Vodafone Portugal’s 4G/5G mobile networks were taken down, as was SMS texts, television services, answering services, and even fixed-line voice.

Prior to that in 2015 Vodafone suspended the accounts of nearly two thousand customers after their details were found to have been accessed by outside sources.

Around 1,800 Vodafone customers were affected by that 2015 breach, which saw details such as names, passwords and telephone numbers grabbed by hackers.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago