- Unknown hackers claim to sell 860 GB of Target’s internal source code and documentation.
- The data would include wallet services, identity tools, gift card systems and developer metadata.
- Target locked servers and deleted repositories; authenticity of violation still unverified
Hackers are reportedly reselling stolen internal source code to US retail giant Target.
A previously unknown threat actor posted to an underground hacker community claiming they were selling Target’s data and that this was the first of many data sets being auctioned.
To support their claim, the author created several repositories on Gitea, a self-hosted Git platform, and uploaded a small sample of the data.
Data for sale
The repositories, with a total size of approximately 860 GB, appeared to contain Target’s internal source code, configuration files, and developer documentation, while the repository names referred to internal systems such as wallet services, identity management, store networking tools, secrets documentation, and gift card systems.
Each repository included a SALE.MD file listing tens of thousands of files and directories purportedly included in the full dataset. The index exceeded 57,000 lines and claimed a total archive size of approximately 860 GB.
Additionally, validate metadata and documentation in repositories referenced by internal Target development servers, internal URLs such as confluence.target.com, and named current Target maintainers and senior engineers.
Shortly after the news was announced, BeepComputer notified Target of the incident, and shortly after, the Gitea repositories were taken offline. Around the same time, Target’s internal Git server (accessible from the Internet) was locked down.
BeepComputer also said that search engines had previously indexed and cached some content from git.target.com, hinting that some of the stolen data may have been publicly available at some point. However, he was unable to determine when or in what configuration.
At the moment, the authenticity of the criminals’ claims cannot be verified and Target has not yet commented, but since the company has obviously decided to remove the Gitea repositories, it can be assumed that the violation is quite serious.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
