What happened in the Capgemini data breach?

A cybercriminal known as 'grep' claims to have stolen 20GB of sensitive data from Capgemini, a major French multinational IT and consulting firm. The attacker posted on BreachForums, stating they selectively exfiltrated data they considered most valuable, including large files, confidential documents, and internal cloud infrastructure details.

What types of data were reportedly stolen from Capgemini?

The stolen data reportedly includes source code, private keys, credentials, API keys, employee information, T-Mobile's virtual machine (VM) logs, and other confidential company documents.

How did the attacker announce the Capgemini data breach?

The attacker, known as 'grep,' announced the data breach on BreachForums, sharing sample data such as T-Mobile VM logs and screenshots of customer information on hacking forums.

Has Capgemini confirmed the data breach?

Capgemini has not yet confirmed or denied the data breach and has not commented on the claims made by the attacker.

What specific types of files were reportedly stolen from Capgemini?

The attacker claims to have stolen Terraform files, internal cloud infrastructure details, source code, private keys, credentials, API keys, and other confidential documents.

Incident

Hacker claims data breach of Capgemini

Q: What is Capgemini's status in the IT and consulting industry?

Capgemini is a major French multinational IT and consulting firm and one of the world's leading IT services firms, with reported revenues of over €22 billion (approximately $24 billion) in 2023.

published: Sept. 12, 2024

Learn More

A cybercriminal, known as "grep," claims to have stolen 20GB of sensitive data from Capgemini, a major French multinational IT and consulting firm. Capgemini is one of the world's leading IT services firms, with reported revenues of over €22 billion (approximately $24 billion) in 2023.

The attacker claims to have targeted Capgemini this month and posted on BreachForums, stating they selectively exfiltrated data they considered most valuable, such as large files, confidential company documents, Terraform files, internal cloud infrastructure details, and more.

Sample data, including T-Mobile VM logs and screenshots of customer information, have been shared on hacking forums.

The stolen data reportedly includes

source code,
private keys,
credentials,
API keys,
employee information,
T-Mobile's virtual machine (VM) logs.

Capgemini has not yet confirmed or denied the data breach. The company has not commented on the claims made by the attacker.

Read More
Fireworks Software reports data breach, exposing 27k Individuals
Hitachi Vantara takes servers offline after Akira ransomware …
Cascading GitHub action supply chain attacks: reviewdog/action-setup leads …
HackerOne reports data breach through third-party Salesforce Drift …
Data leak at beWanted exposes 1.1 Million job …