November 25, 2023 at 05:44PM
General Electric (GE) is investigating a possible cyberattack in which a threat actor breached their development environment and leaked alleged stolen data. The threat actor, known as IntelBroker, attempted to sell access to GE’s development and software pipelines on a hacking forum but later claimed to be selling the network access and stolen data. GE has confirmed that they are aware of the claims and are investigating the alleged data leak. IntelBroker is known for successful cyberattacks, including breaching the D.C. Health Link program and selling stolen personal information.
During the meeting, it was discussed that General Electric (GE) is currently investigating claims of a cyberattack on their development environment. It is alleged that a threat actor named IntelBroker breached GE’s systems and leaked stolen data. GE is an American multinational company operating in the power, renewable energy, and aerospace industries. In an attempt to sell access to GE’s development and software pipelines, IntelBroker initially asked for $500 on a hacking forum but later posted that they are now selling both the network access and the allegedly stolen data. They claimed that the data includes DARPA-related military information, files, SQL files, and documents.
As evidence of the breach, the threat actor shared screenshots of the stolen GE data, including a database from GE Aviations that appears to contain information on military projects. In response to these claims, GE confirmed that they are aware of the situation and are investigating the alleged data leak. They assured that appropriate measures will be taken to protect the integrity of their systems.
It is worth noting that IntelBroker, the threat actor involved, has a track record of successful cyberattacks, including a breach of the Weee! grocery service and the theft of sensitive personal information from the District of Columbia’s D.C. Health Link program. The breach of DC Health Link led to extensive media coverage and a congressional hearing to investigate the incident. Mila Kofman, the Executive Director of the District of Columbia Health Benefit Exchange Authority, explained during the hearing that the data was exposed due to a misconfigured server, which made it accessible online.