Target's Dev Server Offline After Hackers Claim To Steal Source Code (2026)

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform.

Last week, an unknown threat actor created multiple repositories on Gitea that appeared to contain portions of Target's internal code and developer documentation. The repositories were presented as a preview of a much larger dataset allegedly being offered for sale to buyers on an underground forum or private channel.

After BleepingComputer contacted Target with questions about the alleged breach, the files were taken offline and the retailer's Git server, git.target.com, became inaccessible from the internet.

Last week, BleepingComputer received a tip that a threat actor was posting screenshots in a private hacking community to support claims that they had gained access to Target's internal development environment.

The same actor had also published several repositories on Gitea, a self-hosted Git service similar to GitHub or GitLab, as a sample of the data the actor claimed was being offered for sale.

According to the source, hackers claimed that "this is [the first set of] data to go to auction."

Each repository contained a file named SALE.MD listing tens of thousands of files and directories purportedly included in the full dataset. The listing was more than 57,000 lines long and advertised a total archive size of approximately 860 GB.

It's worth noting that the commit metadata and documentation referenced the names of internal Target development servers, and multiple current Target lead and senior engineers.

BleepingComputer shared the Gitea links with Target on Thursday and requested comment on the alleged breach

By Friday and Saturday, all of the repositories had been removed and began returning 404 errors, consistent with a takedown request.

Source: BleepingComputer