Internal information on the sale: HPE investigates possible cyberattack

Internal and confidential data from the information technology company Hewlett Packard Enterprise (HPE) is allegedly for sale on the darknet. It is not yet clear whether the data is genuine.

Unconfirmed cyberattack

According to media reports, HPE is currently investigating the incident and has taken precautionary measures. So far, however, there is no evidence of a cyberattack. A response to an inquiry from heise Security is still pending. The company assures that it has reset internal access data as a precautionary measure. Business operations are not affected.

The cybercriminal IntelBroker is offering the data packages with the alleged HPE internals for sale on BreachForums. The leaker is well-known, having already offered data from Cisco and the like for sale in the past.

Two data leaks

The HPE data is said to originate from an attack on the company's networks. The unknown attackers are said to have had access to HPE's private GitHub repositories and WePay, for example. No further details are currently known.

According to the leaker, the data package contains iLO and Zerto source code and private keys, among other things. According to IntelBroker, it also contains outdated personal user information that was used for deliveries. HPE, on the other hand, states that, as far as it is currently aware, no customer data should be affected.

IntelBroker has also uploaded another data package that is said to originate from an attack on HPE's email systems in early 2024. It is currently unclear at what price the data is being offered and whether the criminals are threatening HPE with publication to blackmail the company.

(des)