General Electric investigates data theft claimed by IntelBroker hackers
Group claims to possess DARPA-related military information, SQL data and documents
Multinational tech giant General Electric (GE) is investigating claims of a cyberattack and data theft.
The incident involves a threat actor known as IntelBroker who allegedly breached GE's development environment, and is now attempting to sell access to the company's "development and software pipelines" on a hacking forum for $500.
After failing to find a buyer for the initial access, IntelBroker returned to the forum, announcing the sale of both network access and allegedly stolen data.
"I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc)," the threat actor posted to a hacking forum, according to BleepingComputer.
The hacker claims to possess a significant amount of DARPA-related military information, files, SQL data and documents.
As proof of the breach, screenshots were shared on the forum, including a database from GE Aviation that appears to contain sensitive information related to military projects.
In response to these claims, GE issued a statement confirming its awareness of the situation and commitment to investigating the alleged data leak.
"We will take appropriate measures to help protect the integrity of our systems," a GE spokesperson said.
General Electric, established in 1892, has evolved into an industrial giant with a global footprint. The company is known for its diverse offerings across multiple industries such as electricity, renewable energy, aviation and healthcare. GE's aerospace sector, in particular, is internationally recognised for producing cutting-edge aircraft engines that have significantly advanced air travel.
GE has also played a pivotal role in defence programmes by collaborating on research with organisations such as DARPA.
This is not the first time that GE has experienced a data breach.
In 2020, the company disclosed a security incident involving the unauthorised access of employee data through a third-party service provider.
IntelBroker has a notorious history of exposing datasets from major corporations, including the theft of sensitive information from the US District of Columbia's DC Health Link programme in March.
DC Health Link is the organisation responsible for managing the healthcare plans of the US House of Representatives members, their staff and their families.
DC Health Link disclosed in March that the FBI had informed it that some of its stolen data was available for purchase on the dark web.
IntelBroker also claimed on a dark web forum that it breached the DC[.]gov Health Benefit Exchange Authority, stole information of US House members, and were selling that information to interested parties.
A sample of the stolen data showed that it contained the personal information of approximately 170,000 individuals, including names, dates of birth, addresses, email addresses, phone numbers, Social Security Numbers and other sensitive details.
The breach prompted a congressional hearing to investigate the incident further.
Mila Kofman, executive director of the District of Columbia Health Benefit Exchange Authority, revealed during the hearing that the data exposure occurred through a misconfigured server that was accessible online.