Hewlett-Packard Enterprise is investigating a data breach after a known hacker claimed to have stolen sensitive information from the company.
The hacker, who goes by the alias “IntelBroker,” claims to have stolen large amounts of data from HPE, the enterprise IT division of hardware giant HP.
In a Jan. 16 post on a popular cybercrime forum seen by TechCrunch, IntelBroker said the stolen data includes product source code, private GitHub repositories, as well as APIs and platforms such as WePay, GitHub, and GitLab. It said it contained access keys to certain HPE services. .
The hacker has previously claimed to have infiltrated major technology companies including AMD, Cisco, and Nokia, and said he also accessed HPE user data, including personally identifiable information related to past deliveries.
In a statement to TechCrunch, HPE spokesperson Laura von Pentz said: HPE immediately activated cyber-enabled protocols, disabled the associated credentials, and began an investigation to assess the validity of the allegations.
“At this time, there is no impact to our business and there is no evidence that customer information is involved.”
In response to TechCrunch's questions, HPE did not say how it was compromised. IntelBroker, which claims to be selling data allegedly stolen from HPE, did not respond to TechCrunch's questions.
Almost exactly one year ago, HPE admitted that Midnight Blizzard, a Russian-linked hacker group, had infiltrated its cloud-based email environment. The company said the hackers “used a compromised account to gain access to internal HPE email boxes,” and then “accessed and stole data” from a “small portion” of the mailboxes.