- Unknown hackers claim to sell 860GB of Target internal source code and documentation
- Data reportedly includes wallet services, identity tools, gift card systems, and developer metadata
- Targeted locked servers and removed repositories; the authenticity of the breach is still unconfirmed
Hackers are apparently selling internal source code stolen from US retail giant Target.
A previously unknown threat actor posted in an underground hacker community to claim they were selling Target’s data, and that this was the first of many data sets to go up for auction.
To support their claim, the poster created several repositories on Gitea, a self-hosted Git platform, and uploaded a small sample of the data.
Data for sale
The repositories, totaling about 860 GB in size, appeared to contain internal Target source code, configuration files, and developer documentation, while repository names referenced internal systems such as wallet services, identity management, store networking tools, secrets documentation, and gift card systems.
Each repository included a SALE.MD file with tens of thousands of files and folders supposedly included in the full data set. The index exceeded 57,000 lines and announced a total archive size of around 860 GB.
Additionally, commit metadata and documentation inside the repositories that reference internal Target development servers, internal URLs such as confluence.target.com, and named current Target executives and senior engineers.
Shortly after the news broke, Bleeping Computer notified Target of the incident, and soon after that – the Gitea warehouses were taken offline. Around the same time, Target’s internal Git server (which was accessible from the Internet) was locked down.
Bleeping Computer also said that search engines have previously indexed and cached some content from git.target.com, suggesting that some of the stolen data may have been publicly available at some point. However, it was unable to determine when or under what configuration.
At this time, the authenticity of the criminals’ claims cannot be verified and Target has yet to comment, but since the company apparently moved to remove the Gitea depots, it’s safe to assume that the breach is quite serious.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
