Hewlett Packard Enterprise (HPE) has initiated an internal investigation following statements made by the hacker Intelbroker regarding the theft of documents from the company’s environment. While HPE representatives have stated that there is no concrete evidence of hacking, they are taking the threats seriously and conducting a thorough check.
According to company spokesperson Claire Loxley, HPE was made aware of Intelbroker’s claims on January 16, stating that he possessed confidential information from the company. HPE immediately enacted their cybersecurity protocols, cutting off access to potentially compromised accounting data and launching an investigation. Currently, there are no immediate threats to the company’s operations or customer data.
Intelbroker has asserted that he was able to access the API, Wepay platform, along with private and public Github repositories. The attacker claims to have obtained certificates, source code of Zerto and ILO, Docker assemblies, and outdated personal information related to deliveries.
Furthermore, Intelbroker has released a new data archive containing accounting data and access tokens allegedly stolen from HPE systems as far back as February 2024. At that time, the company had also investigated the incident but found no evidence of hacking.
Prior to this incident, Intelbroker made headlines for hacking DC Health Link, the organization responsible for managing medical insurance for US House of Representatives members. The breach resulted in the exposure of personal data of 170,000 individuals, prompting a congressional investigation. The hacker group has also been linked to breaches involving Nokia, Cisco, Europol, and Accuity, as well as attempted compromises on AMD, the US State Department, and General Electric Aviation.
HPE has previously experienced significant data leaks. In 2018, the Chinese hacker group APT10 exploited access to the company’s systems to target customer devices. In 2021, data on the Aruba Central platform was compromised, granting attackers access to device monitoring and location information. In 2023, a breach in the Microsoft Office 365 environment was also reported.