176/69 Friday, March 27, 2026
The cybercrime group LAPSUS$ has claimed responsibility for breaching AstraZeneca and exfiltrating approximately 3GB of internal data. The allegedly stolen data includes system credentials, authentication tokens, source code in multiple languages such as Java, Angular, and Python, as well as employee information. However, AstraZeneca has not officially confirmed the incident.
Reports indicate that although the leaked data may not directly include passwords, information such as source code, system architecture, and access-related data could be leveraged by attackers for system mapping, enabling further attacks such as phishing or deeper network intrusions. If confirmed, the incident could pose long-term risks to the organization’s operations and security posture.
The claim was published on dark web platforms, where the attackers reportedly showcased samples of the stolen data and offered it for sale. This incident reflects a growing trend of cybercriminal groups targeting the healthcare sector, which holds highly valuable assets including intellectual property, sensitive internal data, and critical infrastructure. Such data can be exploited for extortion, ransomware campaigns, or further cyberattacks in the future.