Hewlett Packard Enterprise (HPE) is investigating claims of a brand new breach after a menace actor mentioned they stole paperwork from the corporate’s developer environments.
The corporate has informed BleepingComputer that it hasn’t discovered any proof of a security breach, however it’s investigating the menace actor’s claims.
“HPE grew to become conscious on January 16 of claims being made by a bunch known as IntelBroker that it was in possession of data belonging to HPE,” spokesperson Clare Loxley informed BleepingComputer.
“HPE instantly activated our cyber response protocols, disabled associated credentials, and launched an investigation to guage the validity of the claims. There is no such thing as a operational affect to our enterprise at the moment, nor proof that buyer info is concerned.”
IntelBroker, who introduced the sale of data allegedly stolen from HPE’s networks, claims they’d entry to the corporate’s API, WePay, and (personal and public) GitHub repositories for a minimum of two days and stole certificates (personal and public keys), Zerto and iLO supply code, Docker builds, and previous consumer private info used for deliveries.
IntelBroker put up one other archive of information (together with credentials and entry tokens) allegedly stolen from HPE’s programs nearly one 12 months in the past, on February 1, 2024. The corporate additionally mentioned on the time that it was investigating the menace actor’s claims however had no proof of a security breach.
IntelBroker gained notoriety after breaching DC Well being Hyperlink—the group that administers the U.S. Home of Representatives members’ well being care plans—an incident that led to a congressional listening to after the non-public knowledge belonging to 170,000 affected people was leaked on-line.
Different incidents linked to IntelBroker embody the breaches of Nokia, Cisco, Europol, Residence Depot, and Acuity and alleged breaches of AMD, the State Division, Zscaler, Ford, and Basic Electrical Aviation.
HPE was additionally breached in 2018 when APT10 Chinese language hackers reportedly compromised a few of its programs and used the entry to hack into prospects’ units.
Extra not too long ago, in 2021, the tech big disclosed that the information repositories of its Aruba Central community monitoring platform had additionally been compromised, enabling attackers to entry knowledge about monitored units and their places.
HPE additionally revealed one 12 months in the past that its Microsoft Workplace 365 e mail atmosphere was breached in Might 2023 by attackers believed to be a part of the APT29 hacking group, which is linked to Russia’s International Intelligence Service (SVR).
