Hewlett Packard Enterprise (HPE) has launched an investigation into claims by outstanding hacker, IntelBroker, who alleges to have stolen delicate information from the tech large.
The hacker introduced on January 16 on BreachForums that they’re promoting recordsdata purportedly taken from HPE techniques.
The info allegedly consists of supply code for merchandise like Zerto and iLO, non-public GitHub repositories, Docker builds and digital certificates.
IntelBroker additionally claims to own personally identifiable info (PII) associated to outdated person deliveries and entry to a number of HPE companies, together with APIs and platforms like WePay, GitHub and GitLab.
A HPE spokesperson confirmed to media shops that the corporate is conscious of the breach claims. Nonetheless, there was no operational affect on the corporate nor proof that buyer information has been compromised.
It’s understood that HPE instantly activated its cyber response protocols, disabled associated credentials, and launched an investigation to guage the validity of the claims,.
IntelBroker, recognized for focusing on main organizations, has a historical past of knowledge breaches involving corporations like Cisco, Common Electrical and Europol.
Whereas some victims have validated the authenticity of stolen information, they’ve additionally famous that the precise affect was usually much less extreme than the hacker instructed.
Supply Code and Delicate Information
Of their BreachForums publish, IntelBroker listed compromised objects resembling:
-
Supply code for HPE merchandise together with Zerto and iLO
-
Personal GitHub repositories and Docker builds
-
Private and non-private digital certificates
-
API entry keys and different service credentials
Hackread.com, which reviewed a pattern of the info, reported that the leak references a improvement atmosphere involving each open-source and proprietary instruments.
Learn extra on IntelBroker: Common Electrical Investigates Alleged DARPA Breach
IntelBroker claims the breach was a direct hack and never the results of a third-party compromise. The hacker has been extremely energetic over the previous yr, focusing on firms like T-Cellular, AMD and Apple. Whereas earlier exaggerations about Apple and Europol breaches have surfaced, IntelBroker is just not recognized for totally false claims.
HPE’s investigation continues as cybersecurity consultants assess the potential scope and dangers of the alleged breach.
