Target Corporation internal source code and developer documentation leak claim
Data Leak
Summary
Hide ▲
Show ▼
Target Corporation is facing an internal source code and documentation leak claim centered on sample repositories posted to Gitea and a larger archive reportedly being offered for sale. Multiple current and former employees told BleepingComputer the leaked material matches real internal systems, including BigRED, TAP [Provisioning], and tooling around a customized Vela-based CI/CD platform, while git.target.com was later locked down to require a Target-managed network or VPN. The full dataset is still unverified, but the alleged ~860GB size, the authentic-looking sample, and the reported late September 2025 infostealer infection keep the disclosure significant.
Related Happenings
Single organization's private GitHub repository cloned after confirmed access
Data Leak
H score12
First: 09.07.2026 21:38
Last: 09.07.2026 21:38
Sources 1
About this happening:
**Confirmed access** to a **private GitHub repository** belonging to **one organization** marks a concrete **data exposure** and raises the risk of source-code or internal-content...
Single organization's private GitHub repository cloned after confirmed access
Data LeakAbout this happening: **Confirmed access** to a **private GitHub repository** belonging to **one organization** marks a concrete **data exposure** and raises the risk of source-code or internal-content...
GitHub data exposed after GitHub breach
Data Leak
H score35
First: 20.05.2026 11:14
Last: 20.05.2026 11:14
Sources 1
About this happening:
GitHub confirmed **exfiltration** of **internal repositories**, making private code and related content potentially available to outsiders. Attackers on the **Breached cybercrime...
GitHub data exposed after GitHub breach
Data LeakAbout this happening: GitHub confirmed **exfiltration** of **internal repositories**, making private code and related content potentially available to outsiders. Attackers on the **Breached cybercrime...
GitHub internal repositories private-code leak claim
Data Leak
H score46
First: 20.05.2026 08:08
Last: 20.05.2026 08:08
Sources 1
About this happening:
GitHub is facing a claimed leak of **internal repositories** after **TeamPCP** said it had access to about **4,000 private-code repos** and tried to sell samples. The alleged expo...
GitHub internal repositories private-code leak claim
Data LeakAbout this happening: GitHub is facing a claimed leak of **internal repositories** after **TeamPCP** said it had access to about **4,000 private-code repos** and tried to sell samples. The alleged expo...
Latest development: 21.05.2026 17:45
A malicious version of Nx Console 18.95.0 was uploaded to Visual Studio Marketplace and Open VSX on May 18, fetched an obfuscated payload, and harvested secrets from ~/.vault-token, /etc/vault/token, .npmrc, ghp_/gho_/ghs_ tokens, AWS metadata, and other local sources; GitHub said the poisoned VS Code extension led to unauthorized access to about 3800 internal repositories.
GitHub hit by network compromise
Incident
H score42
First: 20.05.2026 07:01
Last: 20.05.2026 07:01
Sources 1
About this happening:
GitHub is investigating unauthorized access to its internal repositories after a third party allegedly offered stolen material for sale on a cybercrime forum. The intrusion was li...
GitHub hit by network compromise
IncidentAbout this happening: GitHub is investigating unauthorized access to its internal repositories after a third party allegedly offered stolen material for sale on a cybercrime forum. The intrusion was li...
Latest development: 20.05.2026 13:45
GitHub detected unauthorized access tied to a poisoned Visual Studio Code (VS Code) extension on an employee device, removed the malicious extension version, isolated the endpoint, and began incident response to contain exposure across internal repositories.
Victim organization's AWS environment hit by data theft breach
Incident
H score36
First: 11.03.2026 09:31
Last: 11.03.2026 09:31
Sources 1
About this happening:
**UNC6426** breached a victim organization's **AWS environment** and escalated to **administrator access** in **less than 72 hours**, creating immediate risk of **data theft** and...
Victim organization's AWS environment hit by data theft breach
IncidentAbout this happening: **UNC6426** breached a victim organization's **AWS environment** and escalated to **administrator access** in **less than 72 hours**, creating immediate risk of **data theft** and...
Timeline
-
13.01.2026 15:08 1 articles · 5mo ago
Target restricts git.target.com access to internal network or VPN
Mitigation Patch UpdateEffective January 9, 2026, Target accelerated a security change so access to git.target.com, Target's on-prem GitHub Enterprise Server used for internal development, now requires a Target-managed network either on-site or via VPN. The server was no longer reachable from the public internet.
Show sources
- Target employees confirm leaked code after ‘accelerated’ Git lockdown — www.bleepingcomputer.com — 13.01.2026 15:08
-
12.01.2026 19:52 3 articles · 5mo ago
Target Corporation internal source code and developer documentation leak claim
Initial DisclosureAn unknown actor posted sample **Gitea** repositories that appeared to contain **Target** source code and internal documentation, then tied the preview to a larger dataset allegedly for sale. The first-stage disclosure was a public sample paired with an auction-style sales pitch.
Show sources
- Target's dev server offline after hackers claim to steal source code — www.bleepingcomputer.com — 12.01.2026 19:52
- Target's dev server offline after hackers claim to steal source code — www.bleepingcomputer.com — 12.01.2026 19:52
- Target employees confirm leaked source code is authentic — www.bleepingcomputer.com — 13.01.2026 15:08