HPE Investigates Data Breach | Hacker Claims Sensitive Data Theft

HPE Investigates Potential Data Breach

Hewlett Packard Enterprise is currently conducting an investigation following reports of a data security incident.

A hacker operating under the pseudonym “IntelBroker” has asserted the successful acquisition of confidential data belonging to the company.

Details of the Alleged Breach

IntelBroker alleges the stolen data encompasses a significant collection of information from HPE, the enterprise-focused IT segment of the larger HP organization.

A post made on a prominent cybercrime forum on January 16th, reviewed by TechCrunch, details the compromised assets.

Data Potentially Compromised

According to the hacker’s claims, the illicitly obtained data includes product source code, private repositories hosted on GitHub, and crucial access credentials for various HPE services.

These services reportedly include APIs and platforms such as WePay, GitHub, and GitLab.

Furthermore, IntelBroker states access was gained to HPE user data, potentially exposing personally identifiable information linked to previous shipments.

HPE’s Response

HPE spokesperson Laura von Pentz released a statement to TechCrunch confirming awareness of the claims made by the group known as IntelBroker.

The company immediately initiated its established cyber incident response procedures, including the deactivation of potentially compromised credentials and a thorough investigation to verify the validity of the allegations.

Currently, HPE reports no disruption to its business operations and has found no indication of customer data involvement.

Ongoing Investigation and Previous Incidents

When questioned by TechCrunch, HPE refrained from disclosing the specific method of compromise.

IntelBroker, who is purportedly offering the stolen data for sale, did not respond to inquiries from TechCrunch.

This incident occurs almost a year after HPE acknowledged a prior breach attributed to Midnight Blizzard, a hacking group with ties to Russia.

That earlier incident involved unauthorized access and data exfiltration from a limited number of email mailboxes, achieved through a compromised account.

The company had stated that a “small percentage” of mailboxes were affected by the intrusion.