Ethical Hacking News
Hackers have claimed to be selling internal source code belonging to Target Corporation after publishing a sample of stolen repositories on Gitea. The alleged breach has raised questions about the severity of the incident and how it will impact Target's customers and reputation. As cybersecurity threats continue to evolve, it is essential for companies like Target to prioritize their software development infrastructure security and take proactive measures to prevent similar incidents in the future.
Target Corporation has faced a new security breach involving its developer server. Hackers claim to have stolen the source code of Target and are selling it on an underground forum or private channel. The threat actor created multiple repositories on Gitea, a self-hosted Git service, containing portions of Target's internal code and developer documentation. The breach highlights the importance of prioritizing cybersecurity practices, particularly for software development infrastructure. The use of self-hosted Git services like Gitea can introduce additional risks if not properly configured or managed.
Target Corporation, a leading American retail company, has faced another security breach, this time involving its developer server. In recent days, hackers have claimed to have stolen the source code of Target and are now selling it on an underground forum or private channel.
According to reports, the threat actor in question created multiple repositories on Gitea, a self-hosted Git service similar to GitHub or GitLab, which contained portions of Target's internal code and developer documentation. The repositories were presented as a preview of a much larger dataset allegedly being offered for sale to buyers on the aforementioned underground forum or private channel.
The hacker group made these claims by publishing what appeared to be a sample of the stolen code repositories on Gitea. The repositories included files named SALE.MD, which listed tens of thousands of files and directories purportedly included in the full dataset. The listing was more than 57,000 lines long and advertised a total archive size of approximately 860 GB.
It is worth noting that the commit metadata and documentation referenced the names of internal Target development servers, as well as multiple current Target lead and senior engineers. This information suggests that the source code stolen by the hackers may have originated from private development infrastructure rather than publicly released code.
After BleepingComputer shared the Gitea links with Target on Thursday and requested comment on the alleged breach, all of the repositories had been removed and began returning 404 errors, consistent with a takedown request. Around the same time, Target's developer Git server at git.target.com also became inaccessible from the internet.
BleepingComputer observed that search engines such as Google had indexed and cached a small number of resources from git.target.com, indicating that some content from the domain was publicly accessible at some point in the past. However, it is unclear when those pages were indexed or under what configuration, and their presence in search results does not necessarily indicate that the current claims are linked to any exposure of the server, or that the Git infrastructure was recently accessible without authentication.
The fact that Target's most significant publicly disclosed security incident to date remains its 2013 breach, in which attackers stole payment card data and other personally identifiable information belonging to up to 110 million customers and exfiltrated it to infrastructure located in Eastern Europe, according to U.S. Senate and academic investigations, highlights the severity of this latest breach.
The identity of the hackers behind this attack remains unknown, as well as their intentions for selling Target's source code. However, it is clear that this incident has had a significant impact on Target's security posture, with the company taking immediate action to shut down access to its Git server and remove any publicly accessible content related to the breach.
As cybersecurity threats continue to evolve and become increasingly sophisticated, it is essential for companies like Target to prioritize the security of their software development infrastructure. By doing so, they can better protect against potential breaches and minimize the risk of sensitive information being compromised.
In light of this incident, it is also worth noting that the use of self-hosted Git services such as Gitea can introduce additional risks if not properly configured or managed. Hackers may be able to exploit these vulnerabilities to gain unauthorized access to a company's source code and other sensitive information.
The impact of this breach on Target's customers and reputation will likely be significant, and it remains to be seen how the company will respond in terms of remediation efforts and measures to prevent similar incidents in the future.
In conclusion, the recent hack of Target's developer server has highlighted the importance of robust cybersecurity practices and the need for companies to prioritize the security of their software development infrastructure. As the threat landscape continues to evolve, it is essential for organizations like Target to stay vigilant and take proactive steps to protect themselves against potential breaches.
Related Information:
https://www.ethicalhackingnews.com/articles/Targets-Dev-Server-Hacked-Hackers-Claim-to-Have-Stolen-Source-Code-ehn.shtml
https://www.bleepingcomputer.com/news/security/targets-dev-server-offline-after-hackers-claim-to-steal-source-code/
Published: Mon Jan 12 12:01:26 2026 by llama3.2 3B Q4_K_M
