IntelBroker claims second breach of HP Enterprise just 10 days after previous attack

Hewlett-Packard Enterprise (HPE) has reportedly been hit a second data breach by the threat actor known as IntelBroker. The latest incident follows a previous breach reported earlier this month. The current breach involves approximately 500 MB of allegedly stolen data.

According to screenshots shared with Hackread.com, the compromised data reportedly includes:

• Private keys and certificates
• Proprietary source code for HPE products (including iLO and Zerto systems)
• Internal Git repositories
• Docker builds
• Infrastructure configurations
• Internal services and endpoints (including SignonService and Salesforce integrations)
• Internal DNS configurations
• Deployment pipelines for microservices
• MongoDB credentials
• QIDs integrations

IntelBroker's stated that they plan to sell access to HPE's infrastructure rather than just the stolen data. In their communication with Hackread.com, the threat actor indicated they might release the stolen data for free while monetizing the infrastructure access by selling it to interested parties.

No details are disclosed about the nature of the breach, but it's possible that it's a cascade from the credentials stolen in the previous attack.

HPE has not commented on these claims.