LAPSUS$ Claims AstraZeneca Data Breach with 3GB Internal Data Dump for Sale

LAPSUS$ Claims AstraZeneca Data Breach with 3GB Internal Data Dump for Sale

First seen 23 Mar 2026, 06:27 UTC CybersecuritynewsGbhackersCybernewsSecurityaffairs.CoEscudodigital 88% similarity 66.0

Article Content

Browse articles
ThreatCluster

The hacking group LAPSUS$ has allegedly claimed responsibility for a significant data breach at AstraZeneca, attempting to sell a 3GB internal data dump. This breach suggests a compromise of AstraZeneca's internal network, with the group shifting towards a pay-to-access extortion model. The data dump reportedly contains sensitive intellectual property and infrastructure configuration details, raising concerns about potential impacts on AstraZeneca's supply chain operations. The attackers have shared teasers of the stolen data on illicit forums, including password-protected links to redacted secrets. The breach includes high-level privilege accounts across multiple internal repositories, which could lead to further exploitation. As of March 20, 2026, AstraZeneca has not issued an official comment on the incident. Security researchers are closely monitoring the situation for developments.

Key Points: • LAPSUS$ claims a data breach at AstraZeneca, offering a 3GB internal data dump for sale. • The breach involves sensitive operational data that could impact AstraZeneca's supply chain. • No official statement from AstraZeneca has been released regarding the breach as of March 20, 2026.

ThreatCluster AI

Timeline

2026-03-20
AstraZeneca has not issued an official comment on the breach.
2026-03-22
Cybersecuritynews reports on LAPSUS$ claiming the breach.
2026-03-23
Gbhackers publishes details of the breach and LAPSUS$ activities.

Community

Browse all →