Hewlett Packard Enterprise has launched a probe into a possible data breach after its credentials that were allegedly stolen in a cyberattack were posted by IntelBroker on hacking forums, reports BleepingComputer.
While HPE has noted no evidence indicating any breach or extortion attempt, IntelBroker which previously targeted DC Health Link and grocery service Weee! claimed that the exfiltrated data included HPE StoreOnce files and access passwords, as well as system logs, access tokens, config files, and CI/CD access. However, no details were provided regarding the source of the stolen data and the means of compromise. Such HPE data compromise claims by IntelBroker come weeks after the technology giant suspected Russian state-backed threat operation APT29 of being behind the compromise of its Microsoft 365 environment in May.
"Through that investigation, which remains ongoing, we determined that this nation-state actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions," said HPE.