A threat actor known as "888" has allegedly dumped sensitive LG Electronics data on ThreatMon (November 16, 2025). LG has not yet confirmed or denied these claims.

Alleged Leaked Data: • Source code repositories • Configuration files and SQL databases
• Hardcoded authentication credentials • SMTP server credentials

Attack Vector: The leak reportedly originated from a contractor access point, suggesting a supply chain compromise rather than direct breach of LG systems.

Threat Actor Profile: "888" has previously targeted Microsoft, BMW Hong Kong, Decathlon, and Shell. Typically monetizes through ransomware or selling data on breach forums. No public ransom demand in this case yet.

Technical Concerns: - Hardcoded credentials enable persistence and lateral movement - SMTP access could facilitate convincing phishing campaigns - Source code exposure may reveal vulnerabilities in LG IoT devices affecting millions of users globally

Related Context: LG Uplus (LG's telecom division) confirmed a separate breach in October 2025 during a wave of South Korean telecom attacks.

Verification Status: UNCONFIRMED - Awaiting official statement from LG Electronics.

Source: https://cyberupdates365.com/lg-data-leak-claim-threat-a/

Thoughts on supply chain attack vectors and contractor access management?