A hacker has claimed to have stolen a substantial 20 gigabytes of data from Capgemini, a prominent French IT and consulting company.
This alleged breach, if confirmed, could have significant repercussions for the company and its clients.
The hacker, using the alias “grep,” recently posted a thread on the dark web forum BreachForums. In the post, grep detailed the stolen data, which supposedly includes a variety of sensitive information.
The stolen archive reportedly contains databases, source code, private keys, credentials, API keys, project details, and even employee data, such as names, email addresses, usernames, and password hashes.
Additionally, the hacker claims to have accessed backups and internal configuration details for Capgemini’s cloud infrastructure.
In their forum post, grep mentioned that although they had access to more data, they chose to exfiltrate only the most significant files, including company confidential information, Terraform scripts, and more.
The hacker also shared samples, which purportedly included logs from virtual machines associated with T-Mobile.
However, a representative from T-Mobile US has clarified that the leaked data does not belong to their company. It seems the data may be linked to a T-Mobile brand outside the US.
As of now, Capgemini has not provided any comment regarding the breach. The company’s website, as well as its social media pages on X (formerly Twitter) and LinkedIn, remain silent on the issue.
Capgemini is a major player in the IT consulting industry, offering a wide range of services including IT consulting, managed services, and software development.
With operations in over 50 countries, the company serves clients across various sectors such as finance, healthcare, and manufacturing. Last year, Capgemini reported over $24 billion in revenue and recently secured a significant UK government contract worth up to $750 million.
Under this contract, Capgemini will manage His Majesty’s Revenue and Customs’ (HMRC) legacy tax management systems until 2029.
If the hacker’s claims are verified, this data breach could have serious implications for Capgemini, potentially affecting its operations and damaging its reputation.
The stolen data might also put Capgemini’s clients at risk, especially if sensitive or personal information is exposed.
For now, the tech community and Capgemini’s clients will be watching closely to see if the company addresses the breach and provides any additional information.
The silence from Capgemini is raising concerns and speculation, making it essential for both the company and affected individuals to stay vigilant.