Hewlett-Packard Enterprise (HPE) is currently scrutinizing a potential data infringement, following allegations issued by a reputed hacker who suggests having pilfered critical data from the firm.
“IntelBroker”, the hacker identified by a pseudonym, purports to have pulled off an unauthorized extraction of a significant quantity of information from HPE, which is recognized as HP’s division specializing in enterprise IT.
This unidentified hacker, made this surprising revelation on January 16 in a widely followed cybercrime forum, as viewed by TechCrunch. They have described the pilfered data as being inclusive of private GitHub repositories, product source code, and even secret keys that grant access to various HPE services such as WePay, GitLab, and GitHub.
IntelBroker had previously alleged to have infiltrated leading tech companies like AMD, Nokia, and Cisco. They also claimed to have gained access to HPE user data, with the inclusion of personally identifiable information linked to past deliveries.
HPE’s spokeswoman, Laura von Pentz, in a statement to TechCrunch, expressed the company’s stand. “HPE, on January 16, became informed of allegations being made by group IntelBroker regarding possession of confidential HPE data. Following this, our cyber-response protocols were promptly activated, related credentials were deactivated, and an investigation was set in motion to assess the validity of these claims.”
IntelBroker, who is seemingly offering the data claimed to be illegally retrieved from HPE for sale, remained non-responsive to TechCrunch’s questions.
A similar incident had occurred with HPE when it confirmed, exactly a year ago, “Midnight Blizzard”, a hacking syndicate linked to Russia, had compromised its cloud-based email environment. During that episode, a “limited” number of mailboxes were infiltrated and data was extracted unauthorizedly, as stated by the firm.
Original source: Read the full article on TechCrunch
