HPE investigating claims that hacker breached developer environments, source code

Image credit: Hewlett Packard Enterprise (Image credit: Hewlett Packard Enterprise)

IntelBroker offers HPE data archive for sale online
The hacker claims it contains sensitive data such as source code and access
HPE says it is investigating the claims

Hewlett Packard Enterprise (HPE) has confirmed it is investigating claims of a data breach, recently made by a known leakster IntelBroker.

On January 16, IntelBroker (known for their attacks on DC Health Link, Nokia, Cisco, and many others) posted a new thread on the infamous BreachForums, saying, “today, I am selling the Hewlett Packard Enterprise (HPE) data breach.”

In the thread, the leakster said together with partners zjj, and EnergyWeaponUser, they had been “connecting to some of their services for about 2 days now.”

Who is IntelBroker

The compromised data being sold in this new archive reportedly includes source code from private GitHub repositories, Docker builds, SAP Hybris, and Certificates (including private and public keys). Product source code for Zerto and iLO, user data, access to APIs, WePay, GitHub, and more was also allegedly stolen.

In response, HPE said it rotated credentials and started its investigation to see if the claims hold any water. So far, the company hasn’t seen any evidence of break-ins:

"HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE," spokesperson Clare Loxley told BleepingComputer.

"HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims. There is no operational impact to our business at this time, nor evidence that customer information is involved."

IntelBroker is allegedly a Serbian cybercriminal with a strong track record for data compromise. Active since October 2022, they’re known for several high-profile cyberattacks against Acuity (April 2024), Pandabuy (March 2024), and Europol (May 2024).

Via BleepingComputer

Cisco investigates breach after data put up for sale on BreachForums
Here's a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.