HPE investigates new breach after data for sale on hacking forum

HPE investigates new breach after data for sale on hacking forum

February 5, 2024 at 01:38PM

HPE is investigating a potential breach after IntelBroker claimed to have stolen HPE credentials and data, with screenshots and details shared on a hacking forum. The company denies evidence of intrusion, but is investigating the source of the alleged data. This follows a recent disclosure of a Russian hack on HPE’s Office 365 email environment.

From the provided meeting notes, we can gather the following key points:

1. Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor called IntelBroker put allegedly stolen data up for sale on a hacking forum.

2. HPE’s Sr. Director for Global Communications Adam R. Bauer stated that the company has not found any evidence of a security breach and no ransom has been requested, but it’s investigating the threat actor’s claims.

3. IntelBroker claims to be selling HPE credentials and sensitive data, including CI/CD access, system logs, config files, access tokens, HPE StoreOnce files, and access passwords.

4. This investigation follows HPE’s disclosure that their Microsoft Office 365 email environment was breached in May 2023 by a suspected nation-state actor believed to be part of the Russian APT29 hacking group.

5. HPE also faced breaches in 2018 by APT10 Chinese hackers and in 2021 when data repositories of its Aruba Central network monitoring platform were compromised.

These meeting notes highlight the ongoing investigation into the potential breach of HPE’s sensitive data and the company’s history of cybersecurity incidents involving various threat actors.

Full Article