IntelBroker announced that they had access to the company's data for two days and stole a range of data, including user personal information.

According to the post, the exfiltrated data for sale includes “private Github repositories, Docker builds, SAP Hybris, certificates (private and public keys), product source code: Zerto & iLO” as well as old user personally identifiable information (PII). The threat actor also said it was selling access to the company’s API, WePay, and GitHub.

IntelBroker also uploaded screenshots, which contained names, email addresses, and passwords, as proof of the breach.

HPE said it is conducting rigorous investigations to determine whether this claim is true. The malicious actor has previously breached data from companies including Nokia, Cisco, and Ford.

Security outfit SonicWall VP EMEA, Spencer Starkey  said a robust series of security measures and regular training for staff on best practices is crucial to ensure data is safeguarded.

“Companies should start with the presumption that they will be targeted and have a comprehensive incident response plan, including a consumer notification process, especially when sensitive data and financial information is corrupted. Regulation or industry standards should be implemented to protect consumers and relevant stakeholders from experiencing material damage and ensure transparency from company officers.”

He added that everyone involved should have a well-defined role and key responsibilities before the crisis occurs.

“Customer and employee communication is key, and the company must always strive to keep those channels flowing both ways, to reassure people and organisations who might be affected that they are doing everything possible to recover from and resolve the incident," Starkey said.