HPE investigating security breach after hacker claims theft of sensitive data

Hewlett Packard Enterprise is investigating a data breach after a well-known hacker claimed to have stolen sensitive information from the company.

The hacker, who uses the alias “IntelBroker,” claims to have stolen a trove of data from HPE, the enterprise IT division of hardware giant HP. 

In a post on a popular cybercrime forum on January 16, seen by TechCrunch, IntelBroker said the stolen data includes product source code, private GitHub repositories, as well as access keys to several HPE services, including APIs and platforms like WePay, GitHub, and GitLab.

The hacker, who has previously claimed to have breached technology giants including AMD, Cisco, and Nokia, also says they accessed HPE user data, including personally identifiable information related to past deliveries.

In a statement to TechCrunch, HPE spokesperson Laura von Pentz said, “HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE. HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims.

“There is no operational impact to our business at this time, nor evidence that customer information is involved.”

When asked by TechCrunch, HPE declined to say how it was compromised. IntelBroker, who claims to be selling the data allegedly stolen from HPE, did not respond to TechCrunch’s questions.

Almost exactly a year ago, HPE confirmed that Midnight Blizzard, a Russia-linked hacking group, had compromised its cloud-based email environment. The company said hackers had “accessed and exfiltrated data” from a “small percentage” of mailboxes after “leveraging a compromised account to access internal HPE email boxes.”