**TeamPCP Supply Chain Campaign: Update 004 - Databricks Under Investigation, Dual Ransomware Operations, and AstraZeneca Data Released**
The TeamPCP supply chain campaign has taken a significant turn, with new developments emerging over the past two days. As reported in our previous updates, the campaign has been characterized by compromising security tooling in build pipelines, harvesting the credentials those pipelines expose, and monetizing them through ransomware operations.
**Databricks Under Investigation for Alleged Security Compromise**
Databricks, a cloud data analytics platform, is investigating an alleged compromise linked to the TeamPCP credential harvest. According to cybersecurity news reports, screenshots showing AWS artifacts, CloudFormation dumps, and STS tokens "match TeamPCP's exact playbook." The screenshots remain unverified. If confirmed, Databricks would be the first major cloud platform identified as a downstream victim of the credential trove, a significant escalation in the campaign's scope.
Databricks has not issued an official statement. Until it does, organizations using Databricks should watch for one and act on their own exposure now: if your CI/CD pipelines were exposed to any TeamPCP-compromised component and those pipelines had access to Databricks credentials, treat those credentials as potentially compromised and rotate them.
**TeamPCP Operates Dual Ransomware Tracks**
In a separate development, researchers have identified five confirmed aliases used by TeamPCP: PCPcat, ShellForce, DeadCatx3, CipherForce, and Persy_PCP. TeamPCP's own Telegram channel also shows the group running two ransomware tracks in parallel:
1. **CipherForce**: A proprietary ransomware operation, separate from the Vect partnership.
2. **Vect/BreachForums**: Mass affiliate ransomware operations leveraging the BreachForums mass affiliate key distribution.
This dual-track approach allows TeamPCP to maintain direct control over high-value targets (via CipherForce) while simultaneously flooding the ecosystem with mass affiliate operations (via Vect). Detection teams monitoring for Vect ransomware indicators should also add CipherForce to their watchlist.
**LAPSUS$ Releases AstraZeneca Data Free After Failed Sale Attempt**
The LAPSUS$ breach claim against AstraZeneca has escalated: after a failed attempt to sell the data, the group has released it for free. Cybernews and Cybersecurity Insiders report that AstraZeneca has still not issued any public statement confirming or denying the breach, approximately 96 hours after the initial claim. Analysts assess that the continued silence, combined with GDPR obligations if EU employee data is in the dump (Article 33 gives a controller 72 hours from becoming aware of a breach to notify its supervisory authority), increases regulatory exposure with each passing day.
Organizations should treat this as a probable breach for defensive planning purposes, confirmation or not. If your organization shares integrations, data, or credentials with AstraZeneca, assess whether the exposed repository structures and configurations could affect your own security posture, and rotate any shared secrets. Given AstraZeneca's clinical research operations, the dump may also contain health data, which is protected health information (PHI) under HIPAA in the US and special-category personal data under GDPR in the EU.
**ownCloud Discloses Build Infrastructure Impact From CVE-2026-33634**
ownCloud published a security notice confirming that its build infrastructure, the systems producing container images and client binaries, was affected by CVE-2026-33634 (the Trivy compromise). ownCloud states that no customer data was compromised, no source code was altered, and the impact was limited to the build systems. ownCloud is one of the first named downstream organizations to publicly disclose that it was in the blast radius of the Trivy supply chain compromise.
Organizations using ownCloud should review the notice and verify that their deployments run container images and client binaries produced after the remediation. Compare image digests against the remediated builds rather than trusting a mutable tag, since a tag can point at an old build.
**Supply Chain Pause Extends Past 96 Hours**
No new package compromises across any ecosystem have been publicly reported since the Telnyx PyPI disclosure on March 27, extending the supply chain pause documented in Update 003 past 96 hours. This is the longest quiet period since TeamPCP began active supply chain operations on March 19.
**Campaign Transitions to Three Parallel Monetization Tracks**
While supply chain poisoning has paused, TeamPCP is not dormant. Analysts assess that the group has completed its supply chain expansion phase and transitioned fully to credential exploitation and monetization. Three distinct operational tracks are now running simultaneously:
1. **Direct Credential Exploitation**: Against high-value targets; the Databricks investigation represents the first alleged downstream victim of the ~300 GB stolen credential trove.
2. **Proprietary Ransomware via CipherForce**: TeamPCP's own ransomware operation, with recruitment via their Telegram channel.
3. **Mass Affiliate Ransomware via Vect/BreachForums**: Distributed operations leveraging the BreachForums mass affiliate key distribution.
The RSA-4096 public key embedded in payloads across all three tracks is the strongest attribution link tying them together: whoever holds the matching private key controls decryption for every victim, regardless of which affiliate deployed the payload.
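The attribution claim above is something an analyst can check on their own samples. As an added example (not code from the original report or from any analyst tooling it cites), the following Python extracts every RSA public key embedded in a set of payload blobs, fingerprints each key, and clusters the samples that share one. The three payloads and the 4096-bit moduli are synthetic values constructed in the script, not material from any real campaign. The key container format is an assumption, since the report does not say how the key is embedded: the script looks for an X.509 SubjectPublicKeyInfo either as a PEM "PUBLIC KEY" block or as raw DER, and uses a minimal hand-written DER walker so no external crypto library is needed.

```python
"""Cluster payload samples by the RSA public key embedded in them.

Added example, not code from the original report; the payloads and 4096-bit moduli
are synthetic values built here. Assumption: the key is embedded as an X.509
SubjectPublicKeyInfo (SPKI), either as a PEM "PUBLIC KEY" block or as raw DER.
"""
import base64
import hashlib
import random
import re

RSA_OID = bytes.fromhex("06092a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption
PEM_RE = re.compile(rb"-----BEGIN PUBLIC KEY-----(.*?)-----END PUBLIC KEY-----", re.S)

def der(tag, body):
    """TLV with DER length: short form below 128, else 0x8N followed by N length bytes."""
    n = len(body)
    n_bytes = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | n_bytes]) + n.to_bytes(n_bytes, "big")
    return bytes([tag]) + length + body

def der_int(value):
    """DER INTEGER; a leading 0x00 keeps a modulus with its high bit set positive."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return der(0x02, b"\x00" + raw if raw[0] & 0x80 else raw)

def build_spki(modulus, exponent=65537):
    """Encode an RSA public key as SubjectPublicKeyInfo DER (used to build the samples)."""
    rsa_public_key = der(0x30, der_int(modulus) + der_int(exponent))
    algorithm = der(0x30, RSA_OID + b"\x05\x00")  # rsaEncryption with NULL parameters
    return der(0x30, algorithm + der(0x03, b"\x00" + rsa_public_key))

def read_tlv(buf, off):
    """Return (tag, body_start, body_end) for the TLV at off, or None if malformed."""
    if off + 2 > len(buf):
        return None
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:
        num_bytes = length & 0x7F
        if not 0 < num_bytes <= 4 or off + num_bytes > len(buf):
            return None
        length, off = int.from_bytes(buf[off:off + num_bytes], "big"), off + num_bytes
    return (tag, off, off + length) if off + length <= len(buf) else None

def parse_rsa_spki(buf):
    """If buf starts with an RSA SPKI, return (modulus_bits, spki_der); else None."""
    outer = read_tlv(buf, 0)
    if not outer or outer[0] != 0x30:
        return None
    alg = read_tlv(buf, outer[1])
    if not alg or alg[0] != 0x30 or not buf[alg[1]:alg[2]].startswith(RSA_OID):
        return None
    bits = read_tlv(buf, alg[2])  # BIT STRING: one unused-bits byte (0), then RSAPublicKey
    if not bits or bits[0] != 0x03 or bits[2] != outer[2] or buf[bits[1]:bits[1] + 1] != b"\x00":
        return None
    inner = read_tlv(buf, bits[1] + 1)
    modulus = read_tlv(buf, inner[1]) if inner and inner[0] == 0x30 else None
    if not modulus or modulus[0] != 0x02:
        return None
    return int.from_bytes(buf[modulus[1]:modulus[2]], "big").bit_length(), buf[:outer[2]]

def fingerprint(spki_der):
    return hashlib.sha256(spki_der).hexdigest()

def extract_rsa_keys(blob):
    """Return {fingerprint: modulus_bits} for every RSA SPKI found in blob (PEM or raw DER)."""
    candidates = []
    for m in PEM_RE.finditer(blob):
        try:
            candidates.append(base64.b64decode(b"".join(m.group(1).split())))
        except ValueError:
            pass
    # Raw DER: every long-form SEQUENCE header is a candidate; parse_rsa_spki rejects non-keys.
    candidates += [blob[m.start():] for m in re.finditer(rb"\x30\x82", blob)]
    parsed = [parse_rsa_spki(c) for c in candidates]
    return {fingerprint(p[1]): p[0] for p in parsed if p}

def cluster_by_key(samples):
    """Map (fingerprint, bits) -> sorted sample names; a shared key links the samples."""
    clusters = {}
    for name, blob in samples.items():
        for fp, bits in extract_rsa_keys(blob).items():
            clusters.setdefault((fp, bits), []).append(name)
    return {k: sorted(v) for k, v in clusters.items()}

# Constructed samples: one synthetic key shared by two blobs, a different one in the third.
_rng = random.Random(2026)
N_SHARED = _rng.getrandbits(4096) | (1 << 4095) | 1
N_OTHER = _rng.getrandbits(4096) | (1 << 4095) | 1
SHARED_DER = build_spki(N_SHARED)
SHARED_PEM = b"-----BEGIN PUBLIC KEY-----\n" + base64.encodebytes(SHARED_DER) + b"-----END PUBLIC KEY-----\n"
SAMPLES = {
    "payload_a.bin": b"\x7fELF" + b"\x00" * 32 + SHARED_DER + b"\xff" * 16,  # raw DER
    "payload_b.bin": b"MZ\x90\x00" + b"\x00" * 16 + SHARED_PEM,              # PEM text
    "payload_c.bin": b"\x7fELF" + b"\x00" * 8 + build_spki(N_OTHER),         # unrelated key
}
```

Running `cluster_by_key(SAMPLES)` yields two clusters: `payload_a.bin` and `payload_b.bin` share one RSA-4096 key despite one carrying it as DER and the other as PEM, while `payload_c.bin` stands alone. Fingerprinting the SPKI DER rather than the PEM text is what makes the two encodings collide; on real samples, keys embedded in a different container (PKCS#1 `RSA PUBLIC KEY`, or a custom blob) would need their own parser.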
**Cloud Security Alliance Publishes Second Research Note on AI/ML Supply Chain Risk**
The Cloud Security Alliance AI Safety Initiative published a research note on March 29 framing the TeamPCP campaign as a structural shift in adversary methodology -- from opportunistic typosquatting to deliberate pipeline compromise of trusted AI/ML packages. The note assesses that "the economics of targeting high-value AI credential stores are accelerating adversary investment."
This is the second CSA publication covering TeamPCP and focuses specifically on the AI/ML ecosystem implications rather than technical TTPs.
The TeamPCP campaign continues to evolve, with new developments emerging daily. Organizations should remain vigilant, rotate any credentials that may have passed through an exposed pipeline, tighten their security posture, and prepare for downstream breaches. Further updates and analysis will follow as the story develops.
**Recommended Action Items**
* Monitor official statements from Databricks regarding the alleged compromise.
* If you run ownCloud, review the security notice and verify that your deployments use images produced after the remediation.
* Use this supply chain pause as a remediation window to complete credential rotations and IOC sweeps before the CISA KEV deadline of April 8, 2026.
* Detection teams monitoring for Vect ransomware indicators should add CipherForce to their watchlists.
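For the IOC sweep item above, here is an added example (not tooling from the report or from any vendor it cites) of what a lockfile sweep has to get right: a Python script that checks a `requirements.txt` and a `package-lock.json` against a table of compromised package versions. The IOC table, the package names and the lockfile contents are all constructed placeholders; the report names no specific compromised versions, so none are asserted here. Two pitfalls the script handles that a naive `grep` misses are PEP 503 name normalization (so `Example_SDK` matches an IOC listed as `example-sdk`) and the two npm lockfile layouts (the flat `packages` map of lockfile v2/v3 versus the nested `dependencies` tree of v1), including scoped and nested installs.

```python
"""Sweep a requirements.txt and a package-lock.json for pinned versions on an IOC list.

Added example, not code from the original report. The IOC table, package names and
lockfile contents below are constructed placeholders; no real package or version is
asserted to be compromised.
"""
import json
import re

# Hypothetical IOC table: ecosystem -> normalized package name -> compromised versions.
IOCS = {
    "pypi": {"example-sdk": {"4.2.1", "4.2.2"}},
    "npm": {"@example/build-tool": {"0.9.7"}},
}

# name, optional [extras], '==' pin; the version stops at whitespace, ';' markers or '#' comments.
REQ_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)")

def norm_pypi(name):
    """PEP 503 normalization: Example_SDK, example.sdk and example-sdk are the same project."""
    return re.sub(r"[-_.]+", "-", name).lower()

def sweep_requirements(text, iocs):
    """Return (ecosystem, name, version, line_no) for every pinned IOC version."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = REQ_RE.match(line)
        if not m:
            continue  # comments, unpinned ranges, -r includes, URLs
        name, version = norm_pypi(m.group(1)), m.group(2)
        if version in iocs.get(name, ()):
            hits.append(("pypi", name, version, line_no))
    return hits

def sweep_package_lock(text, iocs):
    """Handle lockfile v2/v3 (flat "packages" map) and v1 (nested "dependencies" tree)."""
    lock = json.loads(text)
    hits = []
    if "packages" in lock:
        for path, entry in lock["packages"].items():
            if not path:
                continue  # "" is the root project itself
            # Nested installs keep the real name after the last node_modules/; aliases carry "name".
            name = entry.get("name") or path.rsplit("node_modules/", 1)[-1]
            if entry.get("version") in iocs.get(name, ()):
                hits.append(("npm", name, entry["version"], path))
        return hits

    def walk(deps, chain):
        for name, entry in deps.items():
            if entry.get("version") in iocs.get(name, ()):
                hits.append(("npm", name, entry["version"], chain + name))
            walk(entry.get("dependencies", {}), chain + name + " > ")

    walk(lock.get("dependencies", {}), "")
    return hits

def sweep_all(requirements_text, package_lock_text, iocs=IOCS):
    return sweep_requirements(requirements_text, iocs["pypi"]) + sweep_package_lock(package_lock_text, iocs["npm"])

# Constructed inputs: one hit per file; the 4.3.0 pin and the nested 0.9.6 install are clean.
REQUIREMENTS = """\
# pinned deps (constructed sample)
requests==2.31.0
Example_SDK[async]==4.2.1 ; python_version >= "3.9"
example-sdk==4.3.0
other-lib>=1.0
"""
PACKAGE_LOCK_V3 = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/@example/build-tool": {"version": "0.9.7"},
        "node_modules/left-pad": {"version": "1.3.0"},
        "node_modules/left-pad/node_modules/@example/build-tool": {"version": "0.9.6"},
    },
})
PACKAGE_LOCK_V1 = json.dumps({
    "lockfileVersion": 1,
    "dependencies": {
        "left-pad": {"version": "1.3.0",
                     "dependencies": {"@example/build-tool": {"version": "0.9.7"}}},
    },
})

if __name__ == "__main__":
    for hit in sweep_all(REQUIREMENTS, PACKAGE_LOCK_V3) + sweep_package_lock(PACKAGE_LOCK_V1, IOCS["npm"]):
        print("HIT", *hit)
```

The sweep only covers exact `==` pins and lockfile entries, which is what a reproducible build actually installs; a range such as `other-lib>=1.0` is deliberately skipped because what it resolved to can only be read from the lockfile or the installed environment. Exported Python environments (`pip freeze`) are already in the pinned form and can be fed to `sweep_requirements` unchanged.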