Vorlon Blog

Capgemini's Data Disaster: When Hackers Turned Consulting into Chaos

Written by Mahima Kulkarni | Sep 23, 2024 4:00:00 PM

Introduction

A new data breach has surfaced, and this time, it involves global IT services giant Capgemini. A hacker going by the name "grep" claims to have infiltrated Capgemini’s systems, walking away with 20GB of sensitive information.

This stolen data reportedly includes databases, source code, employee credentials, and even virtual machine logs from T-Mobile. The announcement was made on the notorious BreachForums, where "grep" provided samples to back up the claim.

What Was Stolen?

The leaked data includes SQL entries showing user permissions and employee credentials. T-Mobile's internal project files and virtual machine logs were also allegedly compromised. Interestingly, the hacker noted they could have taken even more data but opted to target only large, confidential files.

While there is no confirmation from Capgemini regarding the breach, the company is under pressure to respond, especially given the stringent General Data Protection Regulation (GDPR) requirements, which mandate that breaches be disclosed within 72 hours.

Is T-Mobile US Affected?

There was some initial confusion surrounding T-Mobile's involvement in this breach. However, an update clarified that the T-Mobile entity mentioned by the hacker is not T-Mobile US, meaning no customer data from T-Mobile US is part of this leak.

That said, the timing couldn't be worse for T-Mobile, which has already faced scrutiny this year. The company was fined $60 million by the Committee on Foreign Investment in the United States (CFIUS) for failing to prevent unauthorized access to sensitive data between 2020 and 2021. As customers still await settlement payments from that earlier breach, this latest incident only adds to the list of T-Mobile-related cybersecurity challenges.

What’s Next?

As of now, Capgemini has not issued a public statement regarding the breach. With GDPR in play, they are required to report the breach within 72 hours if confirmed. 

The full scope of the attack remains unclear, but the breach highlights ongoing cybersecurity concerns, even at companies like Capgemini that specialize in safeguarding data for global corporations. As we await further updates, this incident serves as yet another reminder of the importance of good security measures and the far-reaching impact of third-party risks.