- In mid-January, IntelBroker offered an HPE archive for sale
- Hacker claims it contains sensitive data such as source code and access
- HPE said it was investigating the allegations
Hewlett Packard Enterprise (HPE) said it is investigating data breach allegations, recently made by an IntelBroker known for leaks.
On January 16, IntelBroker (known for its attacks on DC Health Link, Nokia, Cisco and many others) posted a new thread on the infamous BreachForums, saying “today I’m selling the data breach of Hewlett Packard Enterprise (HPE). »
In the thread, the leaker said that he and partners zjj and EnergyWeaponUser have been “connecting to some of their services for about 2 days now.”
Who is IntelBroker
Compromised data sold in this new archive includes source code from private GitHub repositories, Docker builds, SAP Hybris, and certificates (including private and public keys). Zerto and iLO product source code, user data, API access, WePay, GitHub, etc. would also have been stolen.
In response, HPE said it rotated the credentials and launched an investigation to see if the claims held up. So far, the company has not seen any evidence of a break-in:
“HPE became aware on January 16 of allegations by a group called IntelBroker that it was in possession of information belonging to HPE,” spokeswoman Clare Loxley said. BeepComputer. “HPE immediately activated our cyber response protocols, disabled associated credentials, and initiated an investigation to assess the validity of the claims. There is no operational impact to our business at this time, nor is there any evidence that the customer information is involved.”
IntelBroker is believed to be a Serbian cybercriminal with a strong track record of data compromise. Active since October 2022, they are known for several high-profile cyberattacks against Acuity (April 2024), Pandabuy (March 2024) and Europol (May 2024).
Via BeepComputer
