In a recent cybercrime development, the infamous hacker known as IntelBroker has claimed responsibility for breaching the global technology solutions provider, Hewlett Packard Enterprise (HPE), based in Houston, TX, United States. The hacker and their associates have reportedly gained unauthorized access to sensitive data within HPE’s infrastructure, including source code, certificates, and personally identifiable information (PII).
According to the hacker, the breach was a direct attack on HPE’s systems and did not involve compromising a third party for access, a method commonly seen in recent cyberattacks. The stolen data is now being offered for sale online, with the hacker demanding payment in Monero cryptocurrency to maintain anonymity and avoid tracing.
The hacker shared a data tree and screenshots allegedly taken from HPE’s internal infrastructure, highlighting the extent of the breach. The data tree analysis revealed references to development environments, open-source software, proprietary package management systems, private GitHub repositories, Docker builds, and product source code belonging to Zerto and iLO. Additionally, sensitive information such as user data related to deliveries, access to APIs, WePay, and self-hosted GitHub repositories was also extracted.
Further investigation by cybersecurity experts at Hackread.com confirmed the presence of private keys, certificates, source code for HPE products, references to private repositories, and compiled software packages within the stolen data. The leaked information includes details of Hewlett Packard Enterprise’s internal systems, such as the SignonService web service and sensitive configuration data, exposing vulnerabilities in HPE’s infrastructure.
It is essential to distinguish between Hewlett-Packard Enterprise (HPE) and HP Inc., as they are separate entities with distinct focuses. While HP Inc. specializes in consumer products like laptops and printers, HPE provides enterprise-level IT solutions such as servers, storage, networking, and cloud computing. The reported breach specifically targets HPE, emphasizing the importance of this distinction.
IntelBroker has gained notoriety for previous high-profile data breaches, including incidents involving Cisco, Nokia, and AMD. The recent breach of HPE comes shortly after the hacker’s claimed breaches of other tech giants, highlighting the ongoing challenges faced by companies in safeguarding their digital assets from cyber threats.
This story is still developing, and Hackread.com will continue to monitor the situation, providing updates as new information emerges. Stay tuned for further details on this cybersecurity incident and its implications for Hewlett Packard Enterprise and the wider technology industry.