IntelBroker claims breach of Hewlett Packard Enterprise, offers data for sale
Learn More
Hewlett Packard Enterprise (HPE) has reportedly suffered a significant data breach.
The hacker IntelBroker is claiming responsibility for directly compromising the company's infrastructure. The incident affects HPE, the enterprise-focused company that separated from HP Inc. in 2015 and specializes in providing enterprise-level IT solutions, including servers, storage, networking, and cloud computing services.
The breach was disclosed on BreachForums, where IntelBroker announced they had maintained access to HPE's services for approximately two days. According to the hacker's claims, this was a direct attack on HPE's infrastructure rather than through a third-party compromise.
Claimed exposed dta includes:
- Source code from private GitHub repositories and Docker builds
- Private and public key certificates, including ca-signed.key and hpe_trusted_certificates.pem
- Product source code for HPE's Zerto and iLO products
- User PII related to deliveries
- API access credentials
- WePay integration details
- Access to self-hosted GitHub repositories
- Salesforce and QIDs integration credentials
- Internal URLs for SAP S/4 HANA quoting services
- Internal system configuration details
- Error logging email addresses
The breach's authenticity appears to be supported by preliminary analysis conducted by Hackread.com, which reviewed the provided data tree and screenshots showing internal SignonService web service details and configuration information. The exposed directory structure aligns with the claimed stolen data, including sensitive cryptographic material and proprietary implementations.
Update - As of 21st of January, HPE has provided a statement saying that they have not observed any operational impact to their business operations, and there is currently no evidence suggesting that customer information was compromised. Such carefully worded statement means they were hacked, but so far they think it won't be a big public deal.
The number of affected individuals and the nature of the attack have not been disclosed. HPE has not yet publicly responded to the breach claims or provided official confirmation of the incident.
