LAST UPDATED Loading...

AstraZeneca Source Code and Cloud Credentials Allegedly Leaked

A cybercrime forum user claims to have leaked a 3 GB archive allegedly containing AstraZeneca source code, cloud infrastructure files, and sensitive credentials.
Screenshot of a cybercrime forum post claiming an alleged AstraZeneca data breach involving source code, cloud infrastructure files, and sensitive credentials in a 3 GB archive.
A threat actor claims to have leaked a 3 GB archive allegedly containing AstraZeneca source code, cloud infrastructure configurations, and credentials. BreachNews has not independently verified the authenticity of the claims or the purported dataset.

A threat actor has claimed to have breached pharmaceutical giant AstraZeneca, publishing what they allege is a 3 GB archive containing source code, cloud infrastructure configurations, and sensitive credentials.

The alleged dataset was advertised on a cybercrime forum on July 4. According to the listing, the archive contains source code written in Java, Angular, and Python, along with infrastructure-as-code files, cloud deployment configurations, and credentials purportedly associated with AstraZeneca’s internal environment.

Source code and cloud infrastructure allegedly exposed

According to the forum listing, the compressed archive is approximately 3 GB and is distributed as a .tar.gz file. The alleged dataset is described as including source code repositories, AWS and Azure Terraform configurations, private keys, Vault credentials, and other internal development assets.

The listing also claims the archive contains documents in multiple formats, including CSV, XLS, XLSX, DOC, and DOCX. It does not explain how the data was allegedly obtained or provide technical details supporting the claims.

BreachNews has not independently verified the authenticity of the files or confirmed that the materials originated from AstraZeneca.

No public statement from AstraZeneca

At the time of publication, AstraZeneca had not issued any public statement regarding the alleged breach or the claims made in the forum post.

If authentic, exposure of source code and cloud infrastructure configuration files could create security risks beyond the disclosure of proprietary information. Infrastructure definitions and credential material may provide attackers with insight into internal architecture, deployment processes, or privileged environments if any credentials remain valid.

Healthcare sector remains a frequent target

Global pharmaceutical and healthcare organizations continue to be attractive targets for cybercriminals seeking intellectual property, research data, enterprise credentials, and other sensitive information. Recent campaigns have increasingly focused on data theft and extortion rather than solely encrypting systems.

Recent healthcare-related incidents covered by BreachNews include World Leaks’ alleged attack on COMHAR, Kazu Group’s claim involving Yocale, and the alleged Alliance Healthcare breach.

BreachNews will update this article if AstraZeneca issues a public statement or if additional evidence emerges supporting or refuting the alleged breach.

Picture of m00s3c

m00s3c

Moose (@m00s3c) is the author of BreachNews, focusing on data breach intelligence, dark web monitoring, and threat analysis. His work involves analyzing breach claims, reviewing leaked datasets, and tracking threat actor activity to provide clear, factual reporting.

Latest News

Newsletter signup

Get the latest data breach and security news.

Please wait...

Thank you for signing up!

BREACHNEWS.COM/SUPPORT/

Support Independent News.

Help support breach monitoring, investigations, infrastructure, and reporting.

Support the site
INTEL.BREACHNEWS.COM

Live Cyber
Threat Map

Explore live cyber activity, recent breach reports, KEV alerts, and public threat feeds from a single interactive dashboard.

Launch Threat Map