A threat actor has claimed to have breached pharmaceutical giant AstraZeneca, publishing what they allege is a 3 GB archive containing source code, cloud infrastructure configurations, and sensitive credentials.
The alleged dataset was advertised on a cybercrime forum on July 4. According to the listing, the archive contains source code written in Java, Angular, and Python, along with infrastructure-as-code files, cloud deployment configurations, and credentials purportedly associated with AstraZeneca’s internal environment.
Source code and cloud infrastructure allegedly exposed
According to the forum listing, the compressed archive is approximately 3 GB and is distributed as a .tar.gz file. The alleged dataset is described as including source code repositories, AWS and Azure Terraform configurations, private keys, Vault credentials, and other internal development assets.
The listing also claims the archive contains documents in multiple formats, including CSV, XLS, XLSX, DOC, and DOCX. It does not explain how the data was allegedly obtained or provide technical details supporting the claims.
BreachNews has not independently verified the authenticity of the files or confirmed that the materials originated from AstraZeneca.
No public statement from AstraZeneca
At the time of publication, AstraZeneca had not issued any public statement regarding the alleged breach or the claims made in the forum post.
If authentic, exposure of source code and cloud infrastructure configuration files could create security risks beyond the disclosure of proprietary information. Infrastructure definitions and credential material may give attackers insight into internal architecture and deployment processes, or into privileged environments if any credentials remain valid.
Healthcare sector remains a frequent target
Global pharmaceutical and healthcare organizations continue to be attractive targets for cybercriminals seeking intellectual property, research data, enterprise credentials, and other sensitive information. Recent campaigns have increasingly focused on data theft and extortion rather than solely encrypting systems.
Recent healthcare-related incidents covered by BreachNews include World Leaks’ alleged attack on COMHAR, Kazu Group’s claim involving Yocale, and the alleged Alliance Healthcare breach.
BreachNews will update this article if AstraZeneca issues a public statement or if additional evidence emerges supporting or refuting the alleged breach.