ASTRAZENECA is the target of a newly surfaced Dark Web post claiming an alleged data breach linked to the LAPSUS$ threat group, with claims that internal code and infrastructure data have been exposed. The Dark Web listing allegedly includes source code in Java, Angular, and Python, cloud infrastructure references tied to AWS, Azure and Terraform, and secrets or access material, in an archive said to be about 3 GB in size.
The file tree described in the claim appears to contain AstraZeneca-branded Java package paths, database scripts, environment configuration files, and internal project structures, with the archive reportedly comprising 1,486 directories and 5,892 files. The article emphasises that, at this stage, the breach is described as a claim by LAPSUS$ rather than a confirmed incident, and notes that the data could also include GitHub Enterprise user information and identity-related records.
It further warns about potential follow‑on intrusion risks, credential and identity abuse, and supply-chain impacts if any of the exposed materials prove authentic, underlining the healthcare sector’s heightened attractiveness to extortion-driven actors.