Hacker breaks into Capgemini's system and uploads stolen data on a forum [Updated]
Update from September 17, 2024
We have been informed that the entity T-Mobile mentioned by the leaker is not the same as T-Mobile US. This means that the leak doesn't contain any data related to T-Mobile US.
The original story from September 16, 2024, continues below.
A cybercriminal who calls themselves "grep" claims to have broken into Capgemini's system and stolen 20GB of sensitive information, including databases, source code, credentials, and employee information, reports Cyber Insider.
T-Mobile's virtual machine logs, internal project files, and confidential information were also compromised during the data breach, which was first announced through a post on BreachForums. Samples provided by grep include SQL entries mentioning employee credentials and user permissions. The threat actor also siphoned off data on Capgemini employees.
A similar post was also made on a dark web forum, though it's not clear whether it was authored by grep.
A hacker apparently managed to breach Capgemeni's system. | Image Credit - cyberundergroundfeed on X
Grep says that they could have stolen even more data, but decided to only go for big, confidential files.
Capgemini hasn't yet confirmed whether it was breached by hackers. Under the General Data Protection Regulation (GDPR), companies across the European Union, including France, must disclose data breaches within 72 hours of learning about them.
It's not known whether T-Mobile has been alerted about the break-in and how much of its data was compromised during the breach. While T-Mobile may not be held directly responsible for not doing enough to prevent the data leak, it's not going to be a good look for the company, which was fined $60 million earlier this year by the Committee on Foreign Investment in the United States (CFIUS) for not being able to prevent unaothorized access to sensitive data between August 2020 and June 2021 and not informing the committee about the issue promptly.
Meanwhile, customers awaiting a payout for the 2021 breach that impacted 76.6 million T-Mobile users will likely receive their share of the settlement fund as soon as matters delaying payments are officially resolved.
Things that are NOT allowed: