Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information.
The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java, Angular, Python), and employee information, though the company has not yet confirmed the breach.
Even if stolen data doesn’t include passwords, this information could help attackers map systems, launch phishing attacks, and target internal operations, making the incident potentially serious if confirmed.
The group claimed the security breach on a dark web post, if confirmed, it could be one of the most serious healthcare cyber incidents this year.
“An alleged breach involving AstraZeneca was advertised on a Dark Web forum and also appeared on a data leak site associated with LAPSUS$.” reported SocRadar. “The listing claims the attackers obtained a large archive containing internal data, including source code, infrastructure-related material, and access-linked information.”
EXPLORE MORE
YouTuber Jesse Ridgway mocked Down syndrome in old video, says he can’t go to hell as an atheist
(LifeSiteNews) — YouTuber Jesse Ridgway continues to make inflammatory comments in the…
Ireland votes to abolish three-day abortion waiting period that saved thousands of lives
(LifeSiteNews) — Ireland’s Parliament voted Wednesday to abolish a mandatory three-day abortion…
University of California’s K-12 materials call January 6 an ‘insurrection,’ compare it to KKK
University of California Santa Cruz has proposed K-12 educational materials that would…
Russia-linked hackers target Signal, WhatsApp of officials globally
Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military…
Missing Juvenile Breval Wizmaelle from the 35th District Has Been Located
Missing Juvenile Breval Wizmaelle from the 35th District Has Been Located |…
Missing Juvenile Jayden Love-Johnson from the 15th District
The Philadelphia Police Department is seeking the public’s assistance in locating a…

The alleged breach of AstraZeneca is significant because healthcare organizations hold highly valuable assets, including intellectual property, sensitive data, and critical infrastructure. Even without patient data, exposing code, systems, or credentials can enable further attacks, disrupt operations, and increase extortion risks.
“At this stage, the safest framing is that the breach was claimed by LAPSUS$ through Dark Web-related channels and a breach listing attributed to the group. The listing on the threat actors’ data leak site appears to advertise AstraZeneca data for sale.” continues the report.

AstraZeneca has not yet confirmed the alleged breach or publicly addressed the extortion group’s claims.
The incident, claimed by Lapsus$, fits a broader trend of targeting healthcare for leverage. The leaked archive appears large and structured, containing code, configurations, and operational data, suggesting a serious internal exposure rather than a minor leak, if confirmed.
