HQ/EMEAFind out how we can help your business
HPE is investigating reports of an allegedly new breach in which a threat actor claimed it took files from the company’s developer environments.
On an inquiry, Hewlett Packard Enterprise (HPE) stated that its initial assessment had found no indication of a security compromise, but the threat actor’s claims prompted them to look further. Moreover, one of its representatives stated they became aware of the claims on January 16.
The cybercriminal group that claimed to have acquired HPE-related files is the notorious IntelBroker hacking organisation.
HPE immediately launched various security protocols to address the unconfirmed situation.
According to reports, HPE quickly activated its cyber response mechanisms, disabled relevant credentials, and initiated an investigation to determine the legitimacy of IntelBroker’s claims. The initial investigation revealed that the hack currently has no operational impact on its business, nor is there any evidence that customer information is compromised.
On the other hand, IntelBroker, which announced the sale of allegedly stolen information from HPE’s networks, claims they had access to the company’s API, WePay, and (private and public) GitHub repositories for at least a couple of days.
Furthermore, the group also alleges that it has stolen both private and public certificates, Docker builds, Zerto and iLO source code, and old user personal information used for deliveries.
This incident is not the first time the group has claimed an attack on the company. In February last year, IntelBroker posted another collection of data purportedly stolen from HPE’s systems. However, the company also stated at the time that it looked into the threat actor’s allegations but found no indication of a security violation.
IntelBroker earned its notoriety by breaching DC Health Link, which oversees the United States House of Representatives members’ health insurance plans. The attack resulted in a congressional hearing after the group published the personal data of 170,000 impacted individuals online.
Other notable IntelBroker-related attacks include data breaches in big-time companies like Nokia, Home Depot, Cisco, and Acuity. Lastly, HPE was also breached in 2018, when APT10 Chinese hackers allegedly accessed parts of its networks and used them to infect customer devices.
As of now, the claims are still under investigation, but potentially affected individuals should still be on their toes to avoid unwanted compromise that the alleged breach can cause.
