HPE Credentials Reportedly Stolen and Sold on Dark Web

Hewlett Packard Enterprise (HPE) is investigating a potential breach following online claims regarding the sale of stolen HPE credentials and other confidential company information.

The HPE investigation revealed that the data was sourced from a “test environment.” The company has found no evidence of compromise within any HPE production environments or customer information, nor have there been any ransom demands.

The perpetrator, known by the alias IntelBroker, who listed the purportedly stolen HPE data for sale, shared screenshots of some credentials but did not disclose the source of the information or the method of acquisition.

IntelBroker selling allegedly stolen HPE credentials (BleepingComputer)

More specifically, the data encompasses access to CI/CD, system logs, configuration files, access tokens, HPE StoreOnce files (serial numbers, warranties, etc.), and passwords, including email services.

IntelBroker is most notorious for hacking the insurance company DC Health Link, which led to Congressional hearings after the personal data of members and staff of the U.S. House of Representatives was disclosed. Another incident involving IntelBroker includes a breach of General Electric, during which the hacker stole information on military projects from the agency DARPA, including SQL files, technical documents, and strategic reports.