HPE investigates hacker claims of breaching into a source code

IntelBroker claims to have accessed HPE’s API, WePay, private and public GitHub repositories, stealing sensitive data like keys, source code, Docker builds, and user information

Hewlett Packard Enterprise (HPE) is probing a potential data breach following claims made by a hacker group known as IntelBroker. The group asserted that they had stolen documents from HPE’s developer environments, raising concerns about the security of the company’s systems. While HPE has yet to find concrete evidence supporting the claims, the company has initiated an investigation and activated its cybersecurity protocols.

According to HPE spokesperson Clare Loxley, the company became aware of IntelBroker’s claims on January 16. The group alleges that it obtained sensitive information from HPE’s networks and is attempting to sell it. In response to the accusations, HPE took swift action, disabling affected credentials and launching an investigation to validate the claims. The company reassured that no operational impact has been reported, and there is no evidence suggesting that customer data has been compromised.

Stolen data claims and history of security breaches

IntelBroker claims to have accessed multiple critical components of HPE’s infrastructure, including the company’s API, WePay, and both private and public GitHub repositories. The group also claims to have stolen sensitive data, including private and public keys, source code for Zerto and iLO, Docker builds, and personal user information. The hackers allegedly uploaded an archive of credentials and access tokens that were taken from HPE’s systems, with IntelBroker asserting that the stolen data could be used for malicious purposes.

This is not the first time IntelBroker has gained attention for high-profile breaches. The group previously targeted DC Health Link, the organization managing U.S. House of Representatives members' healthcare plans, leading to the exposure of personal data belonging to over 170,000 individuals. IntelBroker has also been linked to breaches at major companies, including Nokia, Cisco, and Home Depot.

HPE itself has faced several significant breaches in the past. In 2018, the APT10 hacking group reportedly compromised HPE systems and used the access to hack into the devices of its customers. In 2021, the company disclosed that attackers had gained unauthorized access to data on its Aruba Central network monitoring platform. Most recently, in 2023, HPE revealed that its Microsoft Office 365 environment had been breached by hackers connected to APT29, a group tied to Russia's Foreign Intelligence Service (SVR).

As HPE continues its investigation, the company is urging users to remain vigilant and to be cautious of any suspicious activity related to its systems.