- Unknown hackers claim to be selling 860 GB of internal Target documentation and source code
- The data allegedly includes wallet services, identity tools, gift card systems, and developer metadata.
- Target blocked servers and deleted repositories; authenticity violation not yet verified
Hackers are apparently selling internal source code stolen from US retail giant Target.
A previously unknown threat actor posted to an underground hacking community to claim that they were selling Target data and that this was the first of many data sets that would come up for auction.
To support his claim, the author created several repositories on Gitea, a self-hosted Git platform, and uploaded a small sample of the data.
Data for sale
The repositories, with a total size of around 860GB, appeared to contain Target’s internal source code, configuration files, and developer documentation, while the repository names referenced internal systems such as wallet services, identity management, store networking tools, secret documentation, and gift card systems.
Each repository included a SALE.MD file that listed tens of thousands of files and directories supposedly included in the full data set. The index exceeded 57,000 lines and announced a total file size of approximately 860 GB.
Additionally, confirm metadata and documentation within the repositories with reference to internal Target development servers, internal URLs such as confluence.target.com, and current Target senior engineers and leaders.
Shortly after the news broke, beepcomputer notified Target about the incident, and shortly afterward, Gitea’s repositories were taken offline. Around the same time, Target’s internal Git server (which could be accessed from the Internet) was blocked.
beepcomputer He also said that search engines previously indexed and cached some of the content on git.target.com, hinting that some of the stolen data may have been publicly accessible at some point. However, he could not determine when or under what settings.
At this time, the authenticity of the criminals’ claims cannot be verified and Target has yet to comment, but given that the company has obviously taken steps to remove Gitea repositories, it is safe to assume that the breach is quite serious.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
