Hewlett Packard Enterprise (HPE) has apparently suffered another data breach after it confirmed claims made by a threat actor on a dark web forum.
As reported by BleepingComputer, a hacker with the alias IntelBroker posted a new ad on a hacking forum, offering HPE data for sale. The ad featured a screenshot of the alleged data, including stolen HPE credentials.
“Today, I am selling the data I have taken from Hewlett Packard Enterprise,” the ad on the forum reads. “More specifically, the data includes: CI/CD access, System logs, Config Files, Access Tokens, HPE StoreOnce Files (Serial numbers warrant etc) & Access passwords. (Email services are also included).”
A known leaker
Initially, HPE wasn’t aware of any breach of its systems and told the publication it was investigating the claims. It also said that there were no extortion attempts, either. However, following a more thorough investigation, HPE confirmed the hacker stealing data from a testing environment.
In a short statement given to BleepingComputer, HPE’s Sr. Director for Global Communications Adam R. Bauer said “the data at issue appears to be related to information that was contained in a test environment. There is no indication these claims relate to any compromise of HPE production environments or customer information.”
IntelBroker is a known leaker, and exactly a year ago, it leaked sensitive data belonging to Weee!. Posting on the since-defunct Breached forum, IntelBroker said they had “a database of 11 million customers belonging to the Saywee”.
The database was allegedly stolen a few days prior and contained plenty of sensitive information, such as full names, email addresses, phone numbers, the type of endpoint used to engage with the platform (PC, Android, or iOS), order notes, as well as other platform-specific data. The same hacker also breached DC Health Link, General Electric Aviation, and others.