HPE Investigates Hacker’s Claim Of Selling Stolen Source Code

Hewlett Packard Enterprise (HPE) has launched an investigation into a new data breach after a threat actor claimed to have stolen sensitive information from the tech giantโ€™s systems.

The investigation follows an announcement by the prominent and notorious threat actor โ€œIntelBroker,โ€ who took to BreachForums on January 16th to announce that they are selling files reportedly obtained from HPE’s networks.

For those unaware, IntelBroker is infamous for breaching major organizations like Cisco, Nokia, Europol, and AMD, often stealing and selling sensitive data on cybercrime forums.

Regarding HPE, the compromised data allegedly includes source code for products like Zerto and iLO, private Github repositories, Docker builds, SAP Hybris, Certificates (private and public keys), and even some old user personal identifiable information (PII) used for deliveries.

IntelBroker is also offering selling access to some HPE services, including APIs, WePay, GitHub, GitLab and more.

โ€œToday, I am selling the HPE data breach,โ€ IntelBroker wrote in a BreachForumsย post. โ€œWe have been connecting to some of their services for about 2 days now.โ€

HPE said it is investigating the breach claims but has found no evidence of a security breach.

It added that there is no operational impact on the company and no evidence that customer information was involved in the cyber incident.

โ€œHPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE. HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims,โ€ an HPE spokesperson said in a statement.

This is not the first time IntelBroker has made such breach claims against HPE. In February 2024, the threat actor claimed to have breached HPE and offered the companyโ€™s stolen data for sale, which reportedly included Continuous Integration/Continuous Deployment (CI/CD) access, system logs, configuration files, access tokens, HPE StoreOnce files (such as serial numbers and warranty information), and access passwords, including email services.

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!
spot_img

Read More

Suggested Post