Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Only days after announcing retirement, infamous leaker and threat actor IntelBroker has announced a third breach of Hewlett Packard Enterprise.
In a post to an infamous hacking forum, the threat actor announced a “second” breach, closely following one he announced last month. This makes it the third he has claimed, having also listed the company last year.
“Today, I have uploaded the Hewlett Packard Enterprise 2nd breach,” wrote IntelBroker.
“This happened 2 days ago and is separate from the 1st breach we did.”
The threat actor said that data included HPE GTCAAS source code, hard-coded credentials, source code, API tokens, certificates and private keys.
The latest claims follow IntelBroker allegedly breaching Hewlett Packard Enterprise last month.
“We’ve been connecting to some of their services for about 2 days now,” said IntelBroker at the time.
According to the post, the exfiltrated data for sale includes “private Github repositories, Docker builds, SAP Hybris, certificates (private and public keys), product source code: Zerto & iLO” as well as old user personally identifiable information (PII). The threat actor also said that it was selling access to the company’s API, WePay, GitHub and more.
IntelBroker also uploaded screenshots, which contained names, email addresses and passwords, as proof of the breach.
Following this, Hewlett Packard Enterprise told Cyber Daily it was investigating the claims.
“HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE,” said the company.
“HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims.”
Almost a year prior, IntelBroker listed Hewlett Packard Enterprise on the same forum, claiming to have data for sale.
“Today, I am selling the data I have taken from Hewlett Packard Enterprise,” IntelBroker wrote on BreachForums.
“More specifically, the data includes: CI/CD access, System logs, Config Files, Access Tokens, HPE StoreOnce Files (Serial numbers warrant etc) & Access passwords. (Email services are also included).”
The latest claim follows IntelBroker announcing his resignation as the owner of BreachForums.
“I am making this thread to announce my resignation as BF owner,” he said.
“This has been a long time coming. As of resigning I’m waiting for the two admins to remove my rank. I’m resigning due to not having enough time to designate my time to BreachForums.
“I did previously say that I didn’t want to be admin or anything higher due to me not having any time. I’m very busy IRL and I don’t want to be a useless staff member who is inactive.”
“I’m sure the BreachForums community has noticed my lack of interaction overall from me. So I’m resigning because of this.”
“I may sometimes post a random thread here and there and post sometimes a message in shoutbox, but not as staff.
“You are all such an amazing community and I hope [sic] you the best of good luck!”
Be the first to hear the latest developments in the cyber industry.
