Hackers claim to have captured classified information and source code from HPE. The perpetrators are not unknown to the company.
Hackers from the group IntelBroker are peddling internal HPE information on the dark web. The group claims to have spent at least two days snooping around HPE’s developer environment and stealing data. The data allegedly included APIs, GitHub repositories, Zerto and iLO source code, Docker builds and old user personal information used for deliveries.
A week after the first claim, IntelBroker has resurfaced. This time, the hacking group has published a “small” database containing 500 MB of data. An analysis by Hackread.com shows that the nature of the data is similar to that of the first claim. Those who pay gain access to the full file.
HPE confirmed to Bleeping Computer that it has been aware of the alleged hack since Jan. 16. According to the company, there are no indications that an intrusion actually occurred, but this is being investigated more thoroughly. HPE has initiated cyber response protocols and assures that there is no impact on continuity of operational activities or current customer data.
Old acquaintance
The name IntelBroker will ring a bell with HPE. A year ago, the group already claimed to have broken in once and captured sensitive information. HPE had to deal with several (alleged) incidents last year and it was also a prize at subsidiary Aruba Networks in 2021 .
IntelBroker itself regularly pops up as alleged perpetrators of cyberattacks on major (technology) companies. With the likes of Cisco, Nokia, Europol, Ford, General Electrics and just last summer AMD, the group has already amassed quite a record.
read also
Ransomware in 2024: more attacks, more perpetrators
This article was originally published on January 21 and has been updated with the latest information.