Hackers Claim to Sell Target’s Internal Source Code After Leaking Samples
An unknown threat actor has allegedly breached Target Corporation’s internal development environment, claiming to possess and sell a massive trove of the retailer’s private source code. Last week, the hackers published sample repositories on Gitea a self-hosted Git platform containing portions of Target’s code and developer documentation as proof of the breach.
The leaked samples included repositories with names like wallet-services-wallet-pentest-collections, TargetIDM-TAPProvisioingAPI, and Secrets-docs, along with commit metadata referencing internal Target servers and current senior engineers. A SALE.MD file in each repository advertised a full dataset of approximately 860 GB, listing over 57,000 files and directories.
After BleepingComputer contacted Target about the alleged breach, the Gitea repositories were taken down, and the company’s Git server (git.target.com) became inaccessible from the internet. Previously, the subdomain had redirected to a login page for employees, but as of last weekend, it no longer loads externally. While some cached pages from git.target.com appeared in search engine results, it remains unclear whether this indicates prior exposure or misconfiguration.
Though BleepingComputer has not independently verified the full dataset, the leaked material including internal API references and employee details suggests an origin from Target’s private development infrastructure rather than its public GitHub projects. Target has not provided further comment following initial inquiries.
The incident follows Target’s most significant prior breach in 2013, when attackers stole payment card data and personal information from up to 110 million customers. The current claims, if confirmed, would mark another major security lapse for the retailer.
Target cybersecurity rating report: https://www.rankiteo.com/company/target
"id": "TAR1768244770",
"linkid": "target",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Retail',
'location': 'United States',
'name': 'Target Corporation',
'size': 'Large',
'type': 'Retail'}],
'attack_vector': 'Unauthorized Access to Development Environment',
'data_breach': {'data_exfiltration': 'Allegedly sold on underground forums',
'number_of_records_exposed': 'Approximately 860 GB of data '
'advertised (57,000+ '
'files/directories)',
'sensitivity_of_data': 'High (internal proprietary code and '
'documentation)',
'type_of_data_compromised': 'Source code, developer '
'documentation, internal API '
'endpoints, commit metadata'},
'description': 'Hackers claimed to be selling internal source code belonging '
'to Target Corporation after publishing samples of stolen code '
'repositories on a public software development platform. The '
"repositories contained portions of Target's internal code and "
'developer documentation, advertised as a preview of a larger '
'dataset for sale. After Target was contacted, the files were '
"taken offline, and the company's Git server became "
'inaccessible.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': 'Internal source code and developer '
'documentation',
'downtime': 'Git server taken offline',
'operational_impact': 'Potential disruption to development '
'operations',
'systems_affected': 'Internal Git server (git.target.com), '
'development environment'},
'initial_access_broker': {'data_sold_on_dark_web': 'Allegedly advertised for '
'sale',
'high_value_targets': 'Internal development '
'environment, Git '
'repositories'},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'references': [{'source': 'BleepingComputer'}],
'response': {'communication_strategy': 'No further comment provided',
'containment_measures': 'Repositories taken offline, Git server '
'made inaccessible'},
'threat_actor': 'Unknown',
'title': "Alleged Sale of Target Corporation's Internal Source Code",
'type': 'Data Breach'}