Thought Leadership
The US IT group Hewlett Packard Enterprise (HPE) is currently investigating reports of a potentially serious security incident. The cybercriminal known as “IntelBroker” offered a data set for sale in relevant underground forums on January 16, which he claimed originated from the technology giant’s systems.
The data for sale is said to include source code repositories of the Zerto disaster recovery solution and the iLO server management interface. Private GitHub repositories, digital certificates and Docker build configurations are also being offered. Older personal data from the logistics sector is also part of the data leak.
The attacker also claims to have captured access data for various services used by HPE, including APIs and access to WePay, GitHub and GitLab.
HPE spokesperson Adam R. Bauer confirmed to the IT security portal SecurityWeek that countermeasures were initiated immediately after the allegations became known. “We have activated our cyber response protocols, disabled affected credentials and launched an investigation to verify the allegations,” said Bauer. As things stand, there is no impact on operations. There are also no indications that customer data has been compromised.
IntelBroker has already been responsible for attacks on several large companies in the past. However, the actual damage often turns out to be less than claimed by the attacker.
