Target staff have validated the legitimacy of leaked source code samples following the appearance of stolen data repositories on a public platform. This confirmation comes alongside internal notices detailing immediate changes to the company's system access protocols in response to the security incident.

Hackers are currently claiming to offer internal source code belonging to Target Corporation for sale after publishing a sample of stolen repositories on a development site. The breach was first noticed when an anonymous actor created several folders on Gitea that appeared to hold portions of the retailer's private code and technical documentation. These public files were presented as a small preview of a much larger archive being marketed to buyers within underground hacking communities.

When news of the potential breach reached Target, the company took immediate action to mitigate the exposure. Shortly after inquiries were made regarding the authenticity of the leaked files, the specific repositories were removed from the internet. Additionally, Target’s primary internal Git server was taken offline, making it inaccessible to the public as the company worked to secure its development environment.

Evidence of the intrusion surfaced within private hacking forums where the threat actor shared screenshots as proof of their access. These images were intended to demonstrate that the intruder had successfully bypassed security to enter the retailer's internal development systems. The actor used these visual confirmations to build credibility for the subsequent auction of the stolen information.

According to those tracking the incident, the hackers have framed this release as the first significant set of data to be put up for auction. The scale of the theft appears substantial, with the intruder claiming that the sample represents only a fraction of the total materials seized. This indicates a targeted effort to monetize the company's proprietary software assets through private sales.

Each of the leaked repositories contained a specific file that cataloged the contents of the full dataset available for purchase. This listing spanned over fifty-seven thousand lines, detailing an enormous volume of files and directories. The hackers have advertised that the total archive size exceeds eight hundred gigabytes, suggesting a deep and extensive compromise of the company's digital infrastructure.

Source: Target Dev Server Taken Offline After Hackers Claim Source Code Theft