Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments.
The company has told BleepingComputer that it hasn’t found any evidence of a security breach, but it’s investigating the threat actor’s claims.
“HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of data belonging to HPE,” spokesperson Clare Loxley told BleepingComputer.
“HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to gauge the validity of the claims. There is no operational impact to our business at this time, nor evidence that customer data is involved.”
IntelBroker, who announced the sale of data allegedly stolen from HPE’s networks, claims they had access to the company’s API, WePay, and (private and public) GitHub repositories for at least two days and stole certificates (private and public keys), Zerto and iLO source code, Docker builds, and old user personal information used for deliveries.
IntelBroker posted another archive of data (including credentials and access tokens) allegedly stolen from HPE’s systems almost one year ago, on February 1, 2024. The company also said at the time that it was investigating the threat actor’s claims but had no evidence of a security breach.
IntelBroker gained notoriety after breaching DC Health Link, the organization that administers the U.S. House of Representatives members’ health care plans, an incident that led to a congressional hearing after the personal data belonging to 170,000 affected individuals was leaked online.
Other incidents linked to IntelBroker include the breaches of Nokia, Cisco, Europol, Home Depot, and Acuity and alleged breaches of AMD, the State Department, Zscaler, Ford, and General Electric Aviation.
HPE was also breached in 2018 when APT10 Chinese hackers reportedly compromised some of its systems and used the access to hack into customers’ devices.
More recently, in 2021, the tech giant disclosed that the data repositories of its Aruba Central network monitoring platform had also been compromised, enabling attackers to access data about monitored devices and their locations.
HPE also revealed one year ago that its Microsoft Office 365 email environment was breached in May 2023 by attackers believed to be part of the APT29 hacking group, which is linked to Russia’s Foreign Intelligence Service (SVR).