HPE Investigates Claims of Data Breach and Source Code Disclosure by Hackers
Hewlett Packard Enterprise (HPE) is investigating claims of a potential breach after a threat actor, IntelBroker, alleged that they accessed sensitive documents from the company’s developer environments.
HPE spokesperson Clare Loxley told BleepingComputer that the company has not found evidence of a security breach but has launched an investigation into the claims:
“HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE. HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims. There is no operational impact to our business at this time, nor evidence that customer information is involved.”
IntelBroker’s Claims
IntelBroker claims they had access to:
- HPE’s API, WePay, and GitHub repositories (both public and private).
- Certificates, including private and public keys.
- Source code for Zerto and Integrated Lights-Out (iLO) management tools.
- Docker builds and user information used for deliveries.
IntelBroker has also shared data archives allegedly stolen from HPE, including credentials and access tokens, which they claim date back nearly a year.
IntelBroker HPE breach claims (BleepingComputer)
See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses
Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.
IntelBroker’s Notorious History
IntelBroker is associated with several high-profile breaches, including:
- DC Health Link (2023): A breach affecting U.S. House of Representatives healthcare plans, exposing the data of 170,000 individuals.
- Nokia, Cisco, Europol, Home Depot, and Acuity: Successful breaches confirmed by IntelBroker.
- Alleged breaches of AMD, Zscaler, Ford, General Electric Aviation, and the State Department.
HPE’s Breach History
While HPE denies evidence of a current breach, the company has faced several security incidents in the past:
- 2018: Compromised by Chinese APT10 hackers, leading to customer device breaches.
- 2021: Data repositories of the Aruba Central monitoring platform were breached, exposing information about monitored devices and their locations.
- May 2023: HPE’s Office 365 email environment was infiltrated by APT29, a group linked to Russia’s Foreign Intelligence Service (SVR).
Trending: Offensive Security Tool: ACEshark
What’s Next?
HPE is actively investigating the breach claims to assess their validity and potential impact. While no customer data or operational disruptions have been reported, the allegations highlight the continued vulnerability of even large tech enterprises to sophisticated threat actors like IntelBroker.
The company urges stakeholders to remain vigilant and is likely to release more information as their investigation progresses.
Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com
Recent News
Malicious npm and PyPI Packages Steal Solana Private Keys and Delete Sensitive Data
Severe Vulnerability in W3 Total Cache Plugin Exposes Over a Million WordPress Sites to Attacks
FortiGate Leak: Over 15,000 Devices’ Configs and VPN Credentials Exposed by New Hacking Group
WP3.XYZ Malware Hijacks 5,000+ WordPress Sites with Rogue Admins
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
