This week, the Argentinian e-commerce behemoth Mercado Libre disclosed “unauthorised access” to a portion of its source code.
Threat actors allegedly gained access to the data of about 300,000 of Mercado’s users, according to the company.
The announcement comes after Lapsus$, a data extortion gang, threatened to publish data allegedly taken from Mercado and other important corporations in a vote.
300,000 MercadoLibre users’ information was obtained.
MercadoLibre admitted that a portion of its source code had been accessed without authorization in a press release and a Form 8-K filing reviewed by BleepingComputer today.
In addition, according to its early examination, data from MercadoLibre’s 300,000 members was accessed. It does not appear that Mercado’s IT infrastructure was harmed or that critical data was compromised at this time.
At this moment, it’s unclear whether the information of these 300,000 Mercado users was saved in one of the source code repositories—a practise that BleepingComputer has seen before when investigating data breaches.
Security protocols have been engaged, according to the organisation, and a full investigation is underway.
“We have found no evidence that our infrastructure systems have been hacked or that any user passwords, account balances, investments, financial information, or credit card information has been stolen. To prevent such accidents, we are taking careful procedures “Mercado explains.
MercadoLibre is Latin America’s largest e-commerce and payments platform, with headquarters in Buenos Aires.
Argentina, Brazil, Mexico, Colombia, Chile, Venezuela, and Peru are among the eighteen countries where the company has a user base of about 140 million unique active users.
Mercado Libre, Inc., the company’s American branch, operates online markets such as mercadolibre.com.
-Lapsus$ claims to have hacked into 24,000 repositories:
According to BleepingComputer, data extortion gang Lapsus$ claims to have accessed 24,000 source code repositories of both MercadoLibre and Mercado Pago.
On March 7th, a Lapsus$ Telegram channel posted a poll, mockingly asking members to vote for the company whose data Lapsus$ should leak next.
Impresa and Vodafone are also on the list of accused victims. The poll will close at 00:00 on March 13th, 2022, according to Lapsus$.
Last week, Lapsus$ leaked 190 GB of archives containing “secret Samsung source code,” which the group claimed. Samsung confirmed the hack of its network and the theft of valuable information, including source code from Galaxy handsets, the following week.
Extortion groups like Lapsus$ hack victims, but instead of encrypting confidential information like ransomware, they take and hold onto victims’ proprietary material, which they then disseminate if their extortion demands aren’t met.
Lapsus$ claimed responsibility for a data breach at NVIDIA, the world’s largest chipmaker, earlier this month. More than 71,000 NVIDIA employee credentials were stolen as a result of the incident, with some of them posted online.