HPE Launches Investigation After Hacker Claims Data Breach

Posted on by Admin
HPE Launches Investigation After Hacker Claims Data Breach

Related Post


Hewlett Packard Enterprise (HPE) has launched an investigation into claims by prominent hacker, IntelBroker, who alleges to have stolen sensitive data from the tech giant.

The hacker announced on January 16 on BreachForums that they are selling files purportedly taken from HPE systems.

The data allegedly includes source code for products like Zerto and iLO, private GitHub repositories, Docker builds and digital certificates.

IntelBroker also claims to possess personally identifiable information (PII) related to old user deliveries and access to several HPE services, including APIs and platforms like WePay, GitHub and GitLab.

A HPE spokesperson confirmed to media outlets that the company is aware of the breach claims. However, there has been no operational impact on the company nor evidence that customer data has been compromised.

It is understood that HPE immediately activated its cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims,. 

IntelBroker, known for targeting major organizations, has a history of data breaches involving firms like Cisco, General Electric and Europol.

While some victims have validated the authenticity of stolen data, they have also noted that the actual impact was often less severe than the hacker suggested.

Source Code and Sensitive Data

In their BreachForums post, IntelBroker listed compromised items such as:

  • Source code for HPE products including Zerto and iLO

  • Private GitHub repositories and Docker builds

  • Public and private digital certificates

  • API access keys and other service credentials

Hackread.com, which reviewed a sample of the data, reported that the leak references a development environment involving both open-source and proprietary tools.

Read more on IntelBroker: General Electric Investigates Alleged DARPA Breach

IntelBroker claims the breach was a direct hack and not the result of a third-party compromise. The hacker has been highly active over the past year, targeting companies like T-Mobile, AMD and Apple. While previous exaggerations about Apple and Europol breaches have surfaced, IntelBroker is not known for entirely false claims.

HPE’s investigation continues as cybersecurity experts assess the potential scope and risks of the alleged breach.



Source link

Leave a Comment