Hewlett Packard Enterprise (HPE) confirmed to ITPro that it has launched an investigation into a possible hack of its systems after hacker IntelBroker posted a statement on a data breach forum last week. In his statement, the hacker indicated that, together with his team, he successfully hacked the HPE network and stole information, putting it up for sale on the darknet.
IntelBroker reported that the stolen data included Zerto and iLO source code, Docker builds, SAP Hybris data, certificates (private and public keys), and access keys to several HPE services, including the company’s API and the WePay, GitHub and GitLab platforms. Old user personal information (PII) related to shipments was also stolen. According to the hackers, they stayed in HPE networks for about two days. As proof of the hack, IntelBroker uploaded screenshots of names, email addresses and passwords.
Image source: BleepingComputer
HPE said that while the investigation is ongoing, it is clear that no customer data was lost. The company operates as usual. “On January 16, HPE became aware of claims by a group called IntelBroker that it was in possession of information belonging to HPE,” a company spokesperson said in a statement to ITPro. “HPE immediately activated cyber response protocols, disabled the relevant accounts, and began an investigation to evaluate the validity of the allegations.” “There are no operational impacts to our business at this time, and there is no evidence that customer information is affected,” the spokesperson said.
IntelBroker gained notoriety after the hack in March 2023 of the American insurance office of the District of Columbia DC Health Link, an organization that manages the health insurance plans of members of the US House of Representatives, as a result of which it published the personal data of 170 thousand people on the Internet. Other incidents related to IntelBroker include hacks of Nokia, Europol, Home Depot and Acuity, as well as alleged hacks of AMD, the US State Department, Zscaler, Ford and General Electric Aviation, writes BleepingComputer.
Last October, a hacker also breached Cisco systems, posting 2.9 terabytes of information on the dark web and noting that his group had extracted 4.5 terabytes of company data. Cisco acknowledged the incident, but emphasized that its own systems were not compromised and that attackers gained access to the public DevHub environment.