Argentinian e-commerce giant Mercado Libre has confirmed “unauthorized access” to a part of its source code this week.
Mercado additionally says data of around 300,000 of its users was accessed by threat actors.
The company’s announcement follows a poll by the data extortion group, Lapsus$ in which they threatened to leak data allegedly stolen from Mercado and other prominent companies.
In a press release and a Form 8-K filing seen by BleepingComputer today, MercadoLibre confirmed that a part of its source code had been subject to unauthorized access.
At this time, it does not appear that Mercado’s IT infrastructure was affected or that sensitive information has been compromised.
It is not clear at this time if the information of these 300,000 Mercado users was stored in one of the source code repos—a practice BleepingComputer has come across before when reporting on some data breach cases.
