Lapsus$ Breaches Mercado Libre

Industry: E-Commerce | Level: Strategic | Source: BleepingComputer

Threat group, Lapsus$'s recent string of breaches, including Nvidia and Samsung, has now added Argentine e-commerce giant, Mercado Libre, Inc. to the compromise list. As reported by BleepingComputer, "unauthorized access" was identified on the company's source code potentially impacting approximately 300,000 of the company's users. From the company's Securities and Exchange Commission (SEC) Form 8-K filing, the breach did not impact the company's IT infrastructure. Mercado provided the following statement, "Although data from approximately 300,000 users (out of our nearly 140 million unique active users) was accessed, to date and according to our initial analysis, we have not found any evidence that our infrastructure systems have been compromised or that any users’ passwords, account balances, investments, financial information or credit card information were obtained. We are taking strict measures to prevent further incidents."