Hewlett Packard Enterprise (HPE) has initiated an internal investigation following claims by the hacker known as IntelBroker regarding the theft of documents from the company’s development environments. HPE representatives have stated that, as of now, there is no evidence of a breach; however, the alleged threats are being thoroughly scrutinized.
According to Claire Loxley, a company spokesperson, HPE became aware of IntelBroker’s claims on January 16, in which the hacker asserted possession of confidential company information. HPE promptly activated its cybersecurity protocols, disabled access associated with potentially compromised credentials, and launched an investigation. At this stage, no threats to the company’s operations or client data have been identified.
IntelBroker claims to have accessed APIs, the WePay platform, as well as private and public GitHub repositories. The hacker alleges possession of certificates, the source code for Zerto and iLO, Docker builds, and outdated user information related to shipping.
Additionally, IntelBroker released a new data archive that reportedly includes credentials and access tokens stolen from HPE systems in February 2024. During that period, HPE also conducted an investigation but found no evidence of a breach.
IntelBroker has previously garnered attention for high-profile incidents, such as the breach of DC Health Link, the organization managing health insurance for members of the U.S. House of Representatives. That attack exposed the personal data of 170,000 individuals and prompted a Congressional investigation. Other notable attacks attributed to IntelBroker include breaches of Nokia, Cisco, Europol, and Acuity, along with alleged compromises of AMD, the U.S. Department of State, and General Electric Aviation.
HPE has faced significant data breaches in the past. In 2018, the Chinese hacker group APT10 exploited access to the company’s systems to target client devices. In 2021, the Aruba Central platform was compromised, granting attackers access to information regarding device monitoring and locations. Furthermore, in 2023, HPE reported a breach of its Microsoft Office 365 environment.
These incidents underscore the persistent and evolving threats faced by enterprises, highlighting the critical importance of robust cybersecurity measures and rapid incident response protocols.
