Cyber gang Lapsus$ steals Vodafone source codes

Telecommunications company Vodafone has been the victim of a cyberattack, with the crime group Lapsus$ reportedly stealing and publishing source codes from the company's software.

The Lapsus$ group announced the data theft on their darknet site, claiming to possess documents related to "Full Infrastructure, Source Code, GitHub Tree & Internal Network Maps." An archive named "VODA_FULL_DUMP.tar.xz" is said to contain 180 GB of data.

Vodafone confirmed the data leak, stating that unauthorized access to a limited number of software source code files occurred in March 2026. Security experts identified and contained the incident immediately. The company emphasized that no sensitive customer information was compromised and that internal systems and networks were unaffected.

It remains unclear how the attack was carried out or the exact scope of the breach, including any ransom demands. This incident follows previous security challenges for Vodafone, including data breaches involving sales partners and substantial fines related to the misuse of customer data.