Hewlett Packard Enterprise (HPE) is investigating a potential data breach after a prominent hacker, known as “IntelBroker,” alleged they had stolen sensitive information from the company.
IntelBroker, a hacker with a history of targeting major tech firms like AMD, Cisco, and Nokia, claimed responsibility for the breach in a January 16 post on a cybercrime forum. The hacker asserted that the stolen data includes HPE product source code, private GitHub repositories, and access credentials for various services, such as APIs and platforms like GitHub, GitLab, and WePay. Additionally, IntelBroker alleged they obtained personally identifiable information (PII) tied to past HPE deliveries.
In response to these claims, HPE issued a statement confirming that they became aware of the situation on January 16. “HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims,” said Laura von Pentz, an HPE spokesperson. The company emphasized that there is currently no operational impact on their business and no evidence suggesting that customer data has been compromised.
However, HPE has not disclosed details about how the alleged breach occurred. Efforts to contact IntelBroker for further clarification have gone unanswered.
This incident comes nearly a year after HPE faced another security breach involving Midnight Blizzard, a hacking group with suspected ties to Russia. In that case, hackers exploited a compromised account to infiltrate HPE’s cloud-based email environment, accessing and extracting data from a small number of mailboxes.
The latest allegations highlight the growing challenges companies face in securing their systems against cyber threats. If IntelBroker’s claims are validated, the breach could expose HPE to further scrutiny regarding its cybersecurity measures.
As the investigation unfolds, HPE has assured stakeholders that their cyber response teams are actively working to address the situation. In the meantime, the incident serves as a stark reminder of the importance of robust security protocols in safeguarding sensitive corporate and user information.
