Hackers claim to sell Target source code after alleged data leak

Hackers are reportedly attempting to sell internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform, according to a recent report by BleepingComputer.

An unknown threat actor created multiple repositories on Gitea, a self-hosted Git service, purportedly containing portions of Target's internal code and developer documentation. These repositories were presented as a preview of a larger dataset allegedly offered for sale on underground forums. The sample repositories included names like 'wallet-services-wallet-pentest-collections' and 'Secrets-docs,' and the associated SALE.MD file listed tens of thousands of files, totaling approximately 860 GB.

Commit metadata and documentation within the repositories referenced internal Target development servers and named current Target engineers. Following inquiries from BleepingComputer, the files were removed, and Target's Git server became inaccessible from the internet. This alleged incident highlights the persistent risk of insider threats or sophisticated external attacks targeting proprietary source code.

Source: BleepingComputer