Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
In what appears to be a repeat incident, Hewlett Packard Enterprise (HPE) has launched an investigation into the latest IntelBroker claims, almost a year after the threat actor claimed a previous attack on the company.
The business IT division of major laptop and technology manufacturer Hewlett-Packard (HP) has launched an investigation following claims by a notorious threat actor that the company was breached and data stolen.
Last week, Cyber Daily reported that notorious threat actor IntelBroker, alongside several members of its threat group, CyberN-----s, posted to a popular hacking forum, claiming to have exfiltrated data from Hewlett Packard Enterprise (HPE).
According to the post, the exfiltrated data for sale includes “private Github repositories, Docker builds, SAP Hybris, certificates (private and public keys), product source code: Zerto & iLO” as well as old user personally identifiable information (PII). The threat actor also said that it was selling access to the company’s API, WePay, GitHub and more.
“We’ve been connecting to some of their services for about 2 days now,” wrote IntelBroker.
Now, speaking with Cyber Daily, HPE has revealed that it is aware of the claims and has launched an investigation into the cyber incident.
“HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE,” said the company.
“HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims.”
While IntelBroker had posted screenshots as proof of the breach, which contained names, email addresses and passwords, HPE said that no customer information has been impacted as far as it’s aware.
“There is no operational impact to our business at this time, nor evidence that customer information is involved,” it said.
This is not the first time IntelBroker has gone after HPE, having listed the company on the same popular hacking forum at the beginning of 2024.
“Today, I am selling the data I have taken from Hewlett Packard Enterprise,” IntelBroker wrote.
“More specifically, the data includes: CI/CD access, System logs, Config Files, Access Tokens, HPE StoreOnce Files (Serial numbers warrant etc) & Access passwords. (Email services are also included).”
HPE launched an investigation into the incident at the time, confirming that it was not a case of ransomware.
“We are aware of the claims and are investigating their veracity,” HPE’s senior director for global communications, Adam R. Bauer, told tech publication BleepingComputer.
“At this time, we have not found evidence of an intrusion, nor any impact to HPE products or services. There has not been an extortion attempt.”
Be the first to hear the latest developments in the cyber industry.
