Second data breach claim on Hewlett Packard Enterprise in one month
Learn More
Hewlett Packard Enterprise (HPE) is currently under the spotlight due to an alleged data breach, Claims of the breach are surfacing on the dark web and supposed sensitive company data is for sale.
A post by an individual hacker known by the moniker IntelBroker on February 1st is purporting to possess HPE data, including
- CI/CD access,
- system logs,
- configuration files,
- access tokens, and passwords,
- REST API calls
- network settings
It's unclear how the attacker got access to this data.
IntelBroker's sales pitch on the BreachForums Community includes HPE StoreOnce files, screenshots of JSON-formatted code snippets that reveal usernames, passwords, network configuration details like IP addresses, subnet masks, gateways, DNS settings, SMTP server configurations and REST API endpoints.
Hewlett Packard Enterprise has not commented on the claims.
Update - as of 5th of February 2024 Hewlett Packard Enterprise (HPE) is investigating the claims of a breach after the data allegedly containing HPE credentials was offered for sale. HPE has not confirmed any security breach or impact on its products or services, nor have they received any extortion demands, according to their investigation.
