Hacker claims unconfirmed breach of IBM employee records

A threat actor under the alias as "888," affiliated with the group led by IntelBroker, as listed IBM among its alleged victims, claiming to have breached the company’s network and accessed approximately 17,500 records of data belonging to current and former employees.

The information allegedly includes:

• first names,
• some full names,
• mobile numbers,
• country codes,

Samples showing the country code "91," indicating that affected individuals may primarily be in India. It remains unclear if other regions or additional data types were impacted.

The data was reportedly managed by an external third party rather than IBM’s internal systems, though IBM has not confirmed this detail.

IBM has declined to respond on the claims. The group 888 has previously claimed responsibility for breaches involving high-profile companies like Shell, Heineken, Accenture, Shopify, and Microsoft ANZ.

However, there are questions around the legitimacy of some of 888’s claims, as several of these companies have refuted or minimized the impact of alleged breaches.