HPE investigates alleged data breach by IntelBroker
Includes Zerto source code
Hewlett Packard Enterprise (HPE) is investigating claims by the IntelBroker threat group that it successfully breached the company's network and accessed sensitive data.
In a post on a data breach forum, IntelBroker alleged it had infiltrated HPE’s systems for a 48-hour period, targeting the company's private GitHub repositories, APIs and the WePay service.
The group claims to have stolen various assets, including certificates; source code for data protection tool Zerto and server management system iLO; Docker builds; and personal delivery-related information.
The stolen data is reportedly being offered for sale on the dark web.
HPE has acknowledged the claims, saying it became aware of the situation on 16th January. A spokesperson for the company said it has initiated its cyber response protocols, revoked the compromised credentials and is investigating the validity of the allegations.
The company assured stakeholders that operations remain unaffected and emphasised there is no evidence of customer data being compromised.
"HPE is taking these claims seriously, but we have not identified any operational disruptions or verified any involvement of customer information," the spokesperson told ITPro.
This developing situation highlights the ongoing risk of cyber threats to major organisations, despite robust security measures. HPE has said it will continue to monitor the issue closely as the investigation progresses.
A similar situation played out two years ago, when IntelBroker claimed to have broken into energy giant General Electric.
Although GE launched an investigation, it never confirmed or denied that the attack had taken place. However, the data was marked as sold just a few days after the breach allegations became public knowledge.