A threat actor has claimed a significant breach targeting Getir, the Istanbul-based tech unicorn renowned for pioneering the ultrafast grocery delivery model. The claim surfaced on a popular hacking forum, where the actor alleged they had successfully compromised the company’s internal intranet system.
To substantiate their claim, the actor posted data samples appearing to be exfiltrated directly from Getir’s non-public corporate infrastructure, suggesting unauthorized access to sensitive operational and development environments.
An analysis of the posted information suggests that the breach exposed sensitive details related to the company’s software development lifecycle and internal applications. According to the actor, the compromised data provides a blueprint of Getir’s internal workings and includes:
- Full employee email addresses (e.g.,
[email protected]) - Internal application names and unique workspace IDs
- Specific user permissions for internal applications, such as
"read:applications" - Private Git repository URLs and metadata, including repository names like
getirprojects-dev
The exposure of private Git repository information is particularly concerning, as it could lead to the theft of proprietary source code, expose system vulnerabilities, and compromise the company’s intellectual property. The leaked employee emails could also be leveraged for sophisticated phishing campaigns against Getir’s staff to facilitate further intrusions.
